Nec htěné restarty OS

[Ivošisko]

Prosím o kontrolu logu - neustále se mi restartuje notebook.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Lenovo at 2020-05-18 17:54:05
Microsoft Windows 10 Home
System drive C: has 220 GB (23%) free of 953 GB
Total RAM: 8071 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:54:09, on 18.05.2020
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.18362.0001)
Boot mode: Normal

Running processes:
C:\Windows\syswow64\rundll32.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe
C:\Program Files (x86)\Winstep\Nexus-Ultimate.exe
C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe
C:\Program Files (x86)\NETGEAR Genie\bin\genie2_tray.exe
C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe
C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe
C:\Users\Lenovo\AppData\Roaming\Oracle\bin\javaw.exe
C:\Users\Lenovo\AppData\Roaming\Oracle\bin\java.exe
C:\Program Files (x86)\USB Camera\VM331STI.EXE
C:\Users\Lenovo\AppData\Local\MEGAsync\MEGAsync.exe
C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Users\Lenovo\AppData\Roaming\uTorrent\updates\3.5.5_45672.exe
C:\Program Files\trend micro\Lenovo.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_251\bin\ssv.dll
O2 - BHO: Soda PDF Desktop 11 Helper - {9703de71-ce0d-11e8-9c83-40167e6e7313} - C:\Program Files (x86)\Soda PDF Desktop 11\creator\plugins\IEAddin\creator-ie-helper.dll
O2 - BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_251\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O3 - Toolbar: Soda PDF Desktop 11 Toolbar - {970516f0-ce0d-11e8-8baa-40167e6e7313} - C:\Program Files (x86)\Soda PDF Desktop 11\creator\plugins\IEAddin\creator-ie-plugin.dll
O4 - HKLM\..\Run: [331BigDog] "C:\Program Files (x86)\USB Camera\VM331STI.EXE"
O4 - HKLM\..\Run: [ProductUpdater] C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [Nexus-Ultimate] C:\Program Files (x86)\Winstep\Nexus-Ultimate.exe autostart
O4 - HKCU\..\Run: [NETGEARGenie] "C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe" -mini -redirect
O4 - HKCU\..\Run: [AtomicAlarmClock6] C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe
O4 - HKCU\..\Run: [CCXProcess] "C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe"
O4 - HKCU\..\Run: [Adobe Acrobat Synchronizer] "C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Lenovo\AppData\Roaming\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [bvCkqlDgKUt] "C:\Users\Lenovo\AppData\Roaming\Oracle\bin\javaw.exe" -jar "C:\Users\Lenovo\PTCVWyAJvEp\XWHPSJfipJk.zbJXrg"
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Startup: IyJtAZtWgF.url
O4 - Startup: MEGAsync.lnk = C:\Users\Lenovo\AppData\Local\MEGAsync\MEGAsync.exe
O4 - Startup: One Calendar.lnk = ?
O4 - Startup: One Task.lnk = ?
O4 - Startup: syncthing.exe – zástupce.lnk = C:\Program Files\Syncthing\syncthing-windows-amd64-v1.2.1\syncthing.exe
O4 - Startup: Vista.ini.lnk = ?
O4 - Startup: windowsupdate.lnk = ?
O4 - Global Startup: Bitmeter2.lnk = C:\Program Files (x86)\Codebox\BitMeter\BitMeter2.exe
O9 - Extra button: Run DailymotionDownloader - {612F6E5C-B314-4bab-93D1-D266AAFBE700} - C:\Program Files (x86)\Xmlbar\Dailymotion Downloader\DailymotionDownloader(xmlbar).exe (file missing)
O9 - Extra 'Tools' menuitem: Dailymotion Downloader - {612F6E5C-B314-4bab-93D1-D266AAFBE700} - C:\Program Files (x86)\Xmlbar\Dailymotion Downloader\DailymotionDownloader(xmlbar).exe (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AdobeUpdateService - Adobe Inc. - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
O23 - Service: Adobe Genuine Monitor Service (AGMService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Atomic Alarm Clock Time (AtomicAlarmClock) - Unknown owner - C:\Program Files\Free Desktop Clock\timeserv.exe
O23 - Service: @oem77.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service (BcmBtRSupport) - Unknown owner - C:\Windows\system32\BtwRSupportService.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CAM Service (CAMService) - Unknown owner - C:\Program Files\NZXT CAM\resources\app.asar.unpacked\node_modules\@nzxt\rust-cam\dist\native\target\release\service.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\Windows\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_6132d - Unknown owner - C:\Windows\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Freemake Improver - Freemake - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
O23 - Service: Futuremark SystemInfo Service - Futuremark - C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.138\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HuaweiHiSuiteService64.exe - Unknown owner - C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NETGEARGenieDaemon - NETGEAR - C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\Windows\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\Windows\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Soda PDF Desktop 11 - LULU Software - C:\Program Files\Soda PDF Desktop 11\ws.exe
O23 - Service: Soda PDF Desktop 11 Creator - LULU Software - C:\Program Files\Soda PDF Desktop 11\creator\common\creator-ws.exe
O23 - Service: Soda PDF Desktop 11 Update Service - LULU Software - C:\Program Files\Soda PDF Desktop 11\updater-ws.exe
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\Windows\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Spy Emergency Health Check (SpyEmrgHealth) - NETGATE Technologies s.r.o. - C:\Program Files\NETGATE\Spy Emergency\SpyEmergencyHealth.exe
O23 - Service: Spy Emergency Engine Service (SpyEmrgSrv) - NETGATE Technologies s.r.o. - C:\Program Files\NETGATE\Spy Emergency\SpyEmergencySrv.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wondershare Driver Install Service (WsDrvInst) - Wondershare - C:\Program Files (x86)\Wondershare\Video Converter Ultimate(CPC)\Transfer\DriverInstall.exe

--
End of file - 14558 bytes

======Listing Processes======








winlogon.exe

C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch -p -s PlugPlay
C:\Windows\system32\svchost.exe -k DcomLaunch -p
"fontdrvhost.exe"
"fontdrvhost.exe"
C:\Windows\system32\svchost.exe -k RPCSS -p
C:\Windows\system32\svchost.exe -k DcomLaunch -p -s LSM
"dwm.exe"
C:\Windows\system32\svchost.exe -k netsvcs -p -s gpsvc
C:\Windows\System32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalService -p -s BthAvctpSvc
C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -s BTAGService
C:\Windows\system32\svchost.exe -k LocalService -p -s bthserv
C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s TimeBrokerSvc
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
C:\Windows\system32\svchost.exe -k netsvcs -p -s Schedule
C:\Windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork -p
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DisplayEnhancementService
C:\Windows\system32\svchost.exe -k netsvcs -p -s UserManager
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s hidserv
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s EventLog
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Windows\system32\svchost.exe -k LocalService -p -s DispBrokerDesktopSvc
C:\Windows\system32\svchost.exe -k LocalService -p -s nsi
C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s Dhcp
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService
C:\Windows\system32\svchost.exe -k LocalService -p -s EventSystem
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s SysMain
C:\Windows\System32\svchost.exe -k netsvcs -p -s Themes
C:\Windows\system32\svchost.exe -k appmodel -p -s StateRepository
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-0d21b42d-3043-43de-98ab-c35975f53155 -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-6b01e213-4e0d-4983-b5fa-e1f6dae3dcb8 -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-bf1e8c2d-2cc1-43ef-a00f-eee76e4692db -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-ecf1f6c2-7613-4232-8234-cffceeb9f229 -LifetimeId:6865e469-9eb0-4896-a547-25ef33541208 -DeviceGroupId:WpdFsGroup -HostArg:0
C:\Windows\system32\svchost.exe -k appmodel -p -s camsvc
C:\Windows\System32\svchost.exe -k NetworkService -p -s NlaSvc

C:\Windows\system32\svchost.exe -k LocalService -p -s PhoneSvc
C:\Windows\system32\svchost.exe -k netsvcs -p -s SENS
C:\Windows\system32\igfxCUIService.exe
C:\Windows\system32\svchost.exe -k NetworkService -p -s Dnscache
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s UmRdpService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s AudioEndpointBuilder
C:\Windows\system32\svchost.exe -k LocalService -p -s FontCache
dashost.exe {affdcc9a-dcb3-4aa3-a047c0aeb7a7b4ab}
C:\Windows\System32\svchost.exe -k LocalService -p -s netprofm
C:\Windows\system32\svchost.exe -k netsvcs -s CertPropSvc
C:\Windows\System32\svchost.exe -k NetworkService -p -s LanmanWorkstation
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\Windows\System32\svchost.exe -k netsvcs -p -s SessionEnv
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s WinHttpAutoProxySvc
C:\Windows\system32\AUDIODG.EXE 0x480
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s SSDPSRV
C:\Windows\System32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\WLANExt.exe 1480107671872
\??\C:\Windows\system32\conhost.exe 0x4
C:\Windows\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p
C:\Windows\system32\svchost.exe -k LocalService
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Free Desktop Clock\timeserv.exe"
"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe"
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe"
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe"
C:\Windows\system32\BtwRSupportService.exe
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\Windows\system32\svchost.exe -k NetworkService -p -s CryptSvc
"C:\Program Files\NZXT CAM\resources\app.asar.unpacked\node_modules\@nzxt\rust-cam\dist\native\target\release\service.exe"
C:\Windows\System32\svchost.exe -k utcsvc -p
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork -p -s DPS
"C:\Program Files\Elantech\ETDService.exe"
"C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe" -/service
C:\Windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
C:\Windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"

C:\Windows\system32\svchost.exe -k LocalService -p -s SstpSvc
"C:\Program Files\Soda PDF Desktop 11\creator\common\creator-ws.exe"
"C:\Program Files\Soda PDF Desktop 11\updater-ws.exe"
"C:\Program Files\NETGATE\Spy Emergency\SpyEmergencyHealth.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TrkWks
C:\Windows\system32\svchost.exe -k netsvcs -p -s WpnService
C:\Windows\System32\svchost.exe -k NetSvcs -p -s iphlpsvc
"C:\Program Files\NETGATE\Spy Emergency\SpyEmergencySrv.exe"
C:\Windows\System32\svchost.exe -k LocalService -p -s WdiServiceHost
C:\Windows\System32\svchost.exe -k netsvcs
rundll32.exe "c:\program files\nvidia corporation\nvstreamsrv\rxdiag.dll" RxDiagSetRuntimeMessagePump
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe -first
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files\Soda PDF Desktop 11\ws.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding

C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
C:\Windows\syswow64\rundll32.exe C:\ProgramData\478A5347\284EE138.dll,f3
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3 -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
C:\Windows\system32\svchost.exe -k LocalService -p -s fdPHost
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork -p -s NcdAutoSetup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s FDResPub
sihost.exe
C:\Windows\system32\svchost.exe -k UnistackSvcGroup -s CDPUserSvc
C:\Windows\system32\svchost.exe -k UnistackSvcGroup -s WpnUserService
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\Windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TabletInputService
"ctfmon.exe"
igfxEM.exe
igfxHK.exe
igfxTray.exe
C:\Windows\Explorer.EXE
C:\Windows\syswow64\rundll32.exe C:\ProgramData\478A5347\284EE138.dll,f2 B003C6D5EF304D6EC18B5FD767831E49
C:\Windows\system32\svchost.exe -k LocalService -p -s CDPSvc
C:\Windows\system32\svchost.exe -k ClipboardSvcGroup -p -s cbdhsvc
"C:\WINDOWS\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe" -ServerName:App.AppXywbrabmsek0gm3tkwpr5kwzbs55tkqay.mca
C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s NgcCtnrSvc
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\svchost.exe -k UnistackSvcGroup
"C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\svchost.exe -k LocalService -p -s LicenseManager
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeApp.exe" -ServerName:App.AppXffn3yxqvgawq9fpmnhy90fr3y01d1t5b.mca
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe" -ServerName:SkypeBackgroundHost
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca

C:\Windows\system32\SettingSyncHost.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20022.81.0_x64__8wekyb3d8bbwe\YourPhone.exe" -ServerName:App.AppX9yct9q388jvt4h7y0gn06smzkxcsnt8m.mca
"C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe" index.js
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe"
C:\Windows\System32\smartscreen.exe -Embedding
"C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe" /background
C:\Windows\system32\svchost.exe -k netsvcs -p -s wlidsvc
"C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20022.81.0_x64__8wekyb3d8bbwe\YourPhoneServer/YourPhoneServer.exe" -Embedding
"C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Winstep\Nexus-Ultimate.exe" autostart
"C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe" -mini -redirect
genie2_tray.exe -start _NETGEARGenieTray_{7d651043-b3cc-417b-8a79-24ebca902179}_0_
C:\Windows\splwow64.exe 12288
"C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe"
"C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe"
"C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe" --type=collab-renderer --proc=11292
"C:\Users\Lenovo\AppData\Roaming\Oracle\bin\javaw.exe" -jar "C:\Users\Lenovo\PTCVWyAJvEp\XWHPSJfipJk.zbJXrg"
C:\Users\Lenovo\AppData\Roaming\Oracle\bin\java.exe -jar C:\Users\Lenovo\AppData\Local\Temp\_0.79004152991466251587201635142182159.class
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
"C:\Program Files (x86)\Codebox\BitMeter\BitMeter2.exe"
"C:\Program Files (x86)\USB Camera\VM331STI.EXE"
"C:\Users\Lenovo\AppData\Local\MEGAsync\MEGAsync.exe"
"C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe"

"C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Users\Lenovo\AppData\Roaming\uTorrent\updates\3.5.5_45672.exe" /LAUNCHED
C:\Windows\system32\ApplicationFrameHost.exe -Embedding
"C:\Program Files\Syncthing\syncthing-windows-amd64-v1.2.1\syncthing.exe"
"C:\Program Files\WindowsApps\64885BlueEdge.OneCalendar_2020.229.1.0_x64__8kea50m9krsh2\CalendarApp.Gui.Win10.exe" -ServerName:App.AppXn6er7mjp75jggxzp2f5ppbb3647b78j0.mca
"C:\Windows\system32\wscript.exe" /E:jscript "C:\Users\Lenovo\AppData\Roaming\windowsupdate" wscript.exe/erMoEJ6JdZJWUfytaXCbqIhg2
C:\Windows\System32\RuntimeBroker.exe -Embedding
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Program Files\Syncthing\syncthing-windows-amd64-v1.2.1\syncthing.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "http://127.0.0.1:8384/"
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s PcaSvc
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=81.0.4044.138 --initial-client-data=0xd0,0xd4,0xd8,0x7c,0xdc,0x7ffd02c7bd28,0x7ffd02c7bd38,0x7ffd02c7bd48
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=13464 --on-initialized-event-handle=680 --parent-handle=684 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1624,8566606945331334933,7865102357553396892,131072 --gpu-preferences=MAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAQAAAAAAAAAAAAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAA= --mojo-platform-channel-handle=1612 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1624,8566606945331334933,7865102357553396892,131072 --lang=cs --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1888 /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1624,8566606945331334933,7865102357553396892,131072 --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2600 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1624,8566606945331334933,7865102357553396892,131072 --lang=cs --extension-process --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=4 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2796 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1624,8566606945331334933,7865102357553396892,131072 --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3732 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1624,8566606945331334933,7865102357553396892,131072 --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4020 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1624,8566606945331334933,7865102357553396892,131072 --lang=cs --extension-process --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4256 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1624,8566606945331334933,7865102357553396892,131072 --lang=cs --extension-process --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4472 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1624,8566606945331334933,7865102357553396892,131072 --lang=cs --extension-process --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4464 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1624,8566606945331334933,7865102357553396892,131072 --lang=cs --extension-process --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4748 /prefetch:1
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -noexit -e IAAgAHMAbABlAGUAcAAgADgAOwAgAFsAQQBwAHAARABvAG0AYQBpAG4AXQA6ADoAQwB1AHIAcgBlAG4AdABEAG8AbQBhAGkAbgAuAEwAbwBhAGQAKABbAEMAbwBuAHYAZQByAHQAXQA6ADoARgByAG8AbQBiAGEAcwBlADYANABTAHQAcgBpAG4AZwAoACgATgBlAHcALQBPAGIAagBlAGMAdAAgACcATgBlAHQALgBXAGUAYgBDAGwAaQBlAG4AdAAnACkALgAnAEQAbwB3AG4AbABvAGEAZABTAHQAcgBpAG4AZwAnACgAJwBoAHQAdABwADoALwAvAHQAdQBuAGUAcgBvAG4AZwAuAHQAbwBwAC8AZwBvAC8AZwBvAC4AbQBwADMAJwApAC4AcgBlAHAAbABhAGMAZQAoACcAIwAlACoAKQAhACcALAAnAEEAJwApACkAKQAuAEUAbgB0AHIAeQBQAG8AaQBuAHQALgBpAG4AdgBvAGsAZQAoACQAbgB1AGwAbAAsACQAbgB1AGwAbAApAA==
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1624,8566606945331334933,7865102357553396892,131072 --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7388 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1624,8566606945331334933,7865102357553396892,131072 --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6964 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1624,8566606945331334933,7865102357553396892,131072 --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6888 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1624,8566606945331334933,7865102357553396892,131072 --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7220 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1624,8566606945331334933,7865102357553396892,131072 --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6656 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1624,8566606945331334933,7865102357553396892,131072 --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6788 /prefetch:1
"C:\Program Files\WindowsApps\Microsoft.WindowsStore_12003.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe" -ServerName:App.AppXc75wvwned5vhz4xyxxecvgdjhdkgsdza.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\system32\svchost.exe -k netsvcs -p -s XblAuthManager
C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12624.20212.0_x64__8wekyb3d8bbwe\HxOutlook.exe" -ServerName:microsoft.windowslive.mail.AppXfbjsbkxvprcgqg6q4c9jfr0pn3kv9x5s.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12624.20212.0_x64__8wekyb3d8bbwe\HxTsr.exe" -ServerName:Hx.IPC.Server
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1624,8566606945331334933,7865102357553396892,131072 --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5392 /prefetch:1
C:\Windows\system32\svchost.exe -k netsvcs -p -s lfsvc

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s StorSvc

C:\Windows\system32\svchost.exe -k netsvcs -p -s UsoSvc
"cmd" /c ""C:\Users\Lenovo\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSB.exe" -tag entry=LSBUpdater.exe,info={entry=unknown,afterupdate=no}"
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Users\Lenovo\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSB.exe" -tag entry=LSBUpdater.exe,info={entry=unknown,afterupdate=no}
"C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.20022.11011.0_x64__8wekyb3d8bbwe\Music.UI.exe" -ServerName:Microsoft.ZuneMusic.AppX48dcrcgzqqdshm3kf61t0cm5e9pyd6h6.mca
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1624,8566606945331334933,7865102357553396892,131072 --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5200 /prefetch:1
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 772 776 784 8192 780
"C:\Windows\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:CortanaUI.AppXy7vb4pc2dr3kc93kfc509b1d0arkfb2x.mca
"C:\Users\Lenovo\Downloads\RSITx64.exe"
"C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1910.0.0_x64__8wekyb3d8bbwe\Calculator.exe" -ServerName:App.AppXsm3pg4n7er43kdh1qp4e79f1j7am68r8.mca

=========Mozilla firefox=========

ProfilePath - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\tgjsky57.default-release

"web2pdfextension.17@acrobat.adobe.com"=C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
"soda_pdf_desktop_11_conv_v.4@sodapdf.com"=C:\Program Files\Soda PDF Desktop 11\creator\plugins\FirefoxAddin\soda_pdf_desktop_11_conv_v.4@sodapdf.com.xpi


[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.251.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_251\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.251.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_251\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Soda PDF Desktop 11]
"Description"=
"Path"=C:\Program Files (x86)\Soda PDF Desktop 11\np-previewer.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9703de71-ce0d-11e8-9c83-40167e6e7313}]
Soda PDF Desktop 11 Helper - C:\Program Files\Soda PDF Desktop 11\creator\plugins\IEAddin\creator-ie-helper.dll [2019-01-21 78664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe Acrobat Create PDF Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-17 171704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
Adobe Acrobat Create PDF from Selection - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-17 171704]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_251\bin\ssv.dll [2020-04-17 480424]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9703de71-ce0d-11e8-9c83-40167e6e7313}]
Soda PDF Desktop 11 Helper - C:\Program Files (x86)\Soda PDF Desktop 11\creator\plugins\IEAddin\creator-ie-helper.dll [2019-01-21 64328]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe Acrobat Create PDF Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-17 141496]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_251\bin\jp2ssv.dll [2020-04-17 194728]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
Adobe Acrobat Create PDF from Selection - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-17 141496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe Acrobat Create PDF Toolbar - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-17 171704]
{970516f0-ce0d-11e8-8baa-40167e6e7313} - Soda PDF Desktop 11 Toolbar - C:\Program Files\Soda PDF Desktop 11\creator\plugins\IEAddin\creator-ie-plugin.dll [2019-01-21 461128]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe Acrobat Create PDF Toolbar - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-17 141496]
{970516f0-ce0d-11e8-8baa-40167e6e7313} - Soda PDF Desktop 11 Toolbar - C:\Program Files (x86)\Soda PDF Desktop 11\creator\plugins\IEAddin\creator-ie-plugin.dll [2019-01-21 383816]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2015-10-07 3242696]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2018-04-11 509936]
"AdobeGCInvoker-1.0"=C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2020-03-04 3022416]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe [2020-05-12 1582952]
"GoogleDriveSync"=C:\Program Files\Google\Drive\googledrivesync.exe [2020-04-06 48214752]
"Nexus"= []
"Nexus-Ultimate"=C:\Program Files (x86)\Winstep\Nexus-Ultimate.exe [2011-10-11 14558848]
"NETGEARGenie"=C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe [2018-07-23 610904]
"AtomicAlarmClock6"=C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe [2016-08-16 5321728]
"CCXProcess"=C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [2020-02-07 597640]
"Adobe Acrobat Synchronizer"=C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [2020-05-04 5417008]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2020-03-14 9230256]
"uTorrent"=C:\Users\Lenovo\AppData\Roaming\uTorrent\uTorrent.exe [2020-05-17 1829872]
"bvCkqlDgKUt"=C:\Users\Lenovo\AppData\Roaming\Oracle\bin\javaw.exe [2020-04-17 193192]
"CCleaner Smart Cleaning"=C:\Program Files\CCleaner\CCleaner64.exe [2020-05-01 27775672]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"331BigDog"=C:\Program Files (x86)\USB Camera\VM331STI.EXE [2015-09-03 571928]
"ProductUpdater"=C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [2019-12-27 240512]
"Adobe Creative Cloud"=C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2019-09-27 2084920]
"Acrobat Assistant 8.0"=C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [2020-05-04 5641776]
""= []
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2020-03-12 646776]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bitmeter2.lnk - C:\Program Files (x86)\Codebox\BitMeter\BitMeter2.exe

C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
IyJtAZtWgF.url
MEGAsync.lnk - C:\Users\Lenovo\AppData\Local\MEGAsync\MEGAsync.exe
One Calendar.lnk -
One Task.lnk -
syncthing.exe – zástupce.lnk - C:\Program Files\Syncthing\syncthing-windows-amd64-v1.2.1\syncthing.exe
Vista.ini.lnk - C:\Users\Lenovo\AppData\Vista.js
windowsupdate.lnk - C:\Windows\system32\wscript.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinQuic]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DISABLETASKMGR"=2

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=0
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableLUA"=0
"EnableUwpStartupTasks"=2
"PromptOnSecureDesktop"=0
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
"EnableLinkedConnections"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HideSCAHealth"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\acs.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AdAwareDesktop.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AdAwareService.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AdAwareTray.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AgentSvc.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVK.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVKProxy.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVKService.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVKTray.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVKWCtlx64.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avpmapp.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\av_task.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Bav.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bavhm.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\BavSvc.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\BavTray.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\BavUpdater.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\BavWebClient.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\BDSSVC.EXE]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\BgScan.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\BullGuard.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\BullGuardBhvScanner.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\BullGuardUpdate.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\BullGuarScanner.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\capinfos.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cavwp.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\CertReg.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cis.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\CisTray.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\clamscan.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ClamTray.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ClamWin.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cmdagent.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ConfigSecurityPolicy.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\CONSCTLX.EXE]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\coreFrameworkHost.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\coreServiceShell.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dragon_updater.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dumpcap.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\econceal.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\econser.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\editcap.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\EMLPROXY.EXE]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\escanmon.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\escanpro.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fcappdb.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FCDBlog.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FCHelper64.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FilMsg.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FilUp.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\filwscc.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fmon.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FortiClient.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FortiClient_Diagnostic_Tool.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FortiESNAC.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FortiFW.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FortiProxy.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FortiSSLVPNdaemon.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FortiTray.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FPAVServer.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FProtTray.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FPWin.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\freshclam.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\freshclamwrap.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fsgk32.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FSHDLL64.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fshoster32.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FSM32.EXE]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FSMA32.EXE]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fsorsp.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fssm32.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GdBgInx64.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GDKBFltExe32.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GDSC.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GDScan.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\guardxkickoff_x64.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\guardxservice.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iptray.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\K7AVScan.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\K7CrvSvc.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\K7EmlPxy.EXE]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\K7FWSrvc.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\K7PSSrvc.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\K7RTScan.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\K7SysMon.Exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\K7TSecurity.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\K7TSMain.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\K7TSMngr.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\LittleHook.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mbam.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mbamscheduler.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mbamservice.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MCS-Uninstall.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MCShieldCCC.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MCShieldDS.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MCShieldRTM.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mergecap.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MpCmdRun.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MpUXSrv.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MSASCui.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MsMpEng.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MWAGENT.EXE]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MWASER.EXE]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nanoav.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nanosvc.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nbrowser.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nfservice.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NisSrv.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\njeeves2.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nnf.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nprosec.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NS.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nseupdatesvc.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nvcod.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nvcsvc.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nvoy.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nwscmon.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ONLINENT.EXE]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\OPSSVC.EXE]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\op_mon.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ProcessHacker.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\procexp.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PSANHost.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PSUAMain.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PSUAService.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\psview.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PtSessionAgent.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PtSvcHost.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PtWatchDog.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\quamgr.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\QUHLPSVC.EXE]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rawshark.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SAPISSVC.EXE]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SASCore64.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SASTask.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SBAMSvc.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SBAMTray.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SBPIMSvc.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SCANNER.EXE]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SCANWSCS.EXE]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\schmgr.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\scproxysrv.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ScSecSvc.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SDFSSvc.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SDScan.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SDTray.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SDWelcome.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SSUpdate64.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SUPERAntiSpyware.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SUPERDelete.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Taskmgr.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\text2pcap.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TRAYICOS.EXE]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TRAYSSER.EXE]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\trigger.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tshark.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\twsscan.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\twssrv.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\uiSeAgnt.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\uiUpdateTray.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\uiWatchDog.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\uiWinMgr.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UnThreat.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UserAccountControlSettings.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UserReg.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utsvc.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\V3Main.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\V3Medic.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\V3Proxy.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\V3SP.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\V3Svc.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\V3Up.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\VIEWTCP.EXE]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\VIPREUI.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\virusutilities.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\WebCompanion.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wireshark.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Zanda.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Zlh.exe]
"Debugger="svchost.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\zlhh.exe]
"Debugger="svchost.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"aux"=wdmaud.drv
"midi"=wdmaud.drv
"midimapper"=midimap.dll
"mixer"=wdmaud.drv
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wave"=wdmaud.drv
"wavemapper"=msacm32.drv
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2020-05-18 17:54:05 ----D---- C:\rsit
2020-05-18 17:54:05 ----D---- C:\Program Files\trend micro
2020-05-18 12:43:32 ----A---- C:\Windows\system32\rfxvmt.dll
2020-05-17 19:23:42 ----D---- C:\Users\Lenovo\AppData\Roaming\Opera Software
2020-05-17 13:14:37 ----A---- C:\Users\Lenovo\AppData\Roaming\ID.js
2020-05-16 20:39:01 ----RHD---- C:\ProgramData\478A5347
2020-05-16 20:38:56 ----A---- C:\Users\Lenovo\AppData\Roaming\notepad.exe
2020-05-16 14:29:10 ----A---- C:\Windows\SYSWOW64\test.txt
2020-05-16 09:41:55 ----D---- C:\Program Files (x86)\HiSuite
2020-05-15 14:00:31 ----A---- C:\Users\Lenovo\AppData\Roaming\oicxmzkagb.txt
2020-05-15 13:51:45 ----AD---- C:\Users\Lenovo\AppData\Roaming\Oracle
2020-05-15 13:51:43 ----A---- C:\Users\Lenovo\AppData\Roaming\jbghuhqrms.txt
2020-05-14 17:15:52 ----D---- C:\Program Files (x86)\WondershareUpdate
2020-05-14 17:15:07 ----D---- C:\Wondershare UniConverter
2020-05-14 17:13:37 ----D---- C:\ProgramData\GraphicsType
2020-05-14 17:13:26 ----D---- C:\ProgramData\Wondershare MediaServer
2020-05-14 17:13:00 ----D---- C:\Users\Lenovo\AppData\Roaming\TransferSupport
2020-05-14 17:13:00 ----D---- C:\ProgramData\Wondershare
2020-05-14 17:13:00 ----D---- C:\Program Files (x86)\Wondershare
2020-05-12 21:52:41 ----HD---- C:\OneDriveTemp
2020-05-12 15:02:10 ----D---- C:\Users\Lenovo\AppData\Roaming\AIMP
2020-05-12 15:02:10 ----D---- C:\Program Files (x86)\AIMP
2020-05-10 14:50:52 ----A---- C:\Windows\system32\drivers\WUDFUpdate_01009.dll
2020-05-10 14:50:52 ----A---- C:\Windows\system32\drivers\winusbcoinstaller2.dll
2020-05-10 14:50:52 ----A---- C:\Windows\system32\drivers\WdfCoInstaller01009.dll
2020-05-10 14:50:52 ----A---- C:\Windows\system32\drivers\hw_usbdev.sys
2020-05-10 14:50:52 ----A---- C:\Windows\system32\drivers\hw_quusbnet.sys
2020-05-10 14:50:52 ----A---- C:\Windows\system32\drivers\hw_quusbmdm.sys
2020-05-10 14:50:52 ----A---- C:\Windows\system32\drivers\hw_cdcacm.sys
2020-05-10 14:50:52 ----A---- C:\Windows\system32\drivers\ew_usbccgpfilter.sys
2020-04-28 23:46:31 ----D---- C:\Windows\Minidump

======List of files/folders modified in the last 1 month======

2020-05-18 17:54:08 ----D---- C:\Windows\Prefetch
2020-05-18 17:54:05 ----RD---- C:\Program Files
2020-05-18 17:53:25 ----D---- C:\ProgramData\NVIDIA
2020-05-18 17:53:20 ----D---- C:\ProgramData\Bitmeter2
2020-05-18 17:52:05 ----D---- C:\Users\Lenovo\AppData\Roaming\uTorrent
2020-05-18 17:51:33 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2020-05-18 17:51:27 ----D---- C:\Windows\Temp
2020-05-18 17:51:26 ----D---- C:\Windows\System32
2020-05-18 17:51:03 ----D---- C:\Windows\system32\sru
2020-05-18 17:50:23 ----D---- C:\Windows\system32\Tasks
2020-05-18 17:48:19 ----D---- C:\Windows\LiveKernelReports
2020-05-18 17:48:19 ----D---- C:\Windows\INF
2020-05-18 17:48:19 ----D---- C:\Windows
2020-05-18 17:45:49 ----A---- C:\Windows\system32\PerfStringBackup.INI
2020-05-18 12:43:32 ----D---- C:\Windows\Branding
2020-05-18 09:18:24 ----D---- C:\Windows\system32\SleepStudy
2020-05-17 14:28:47 ----RD---- C:\Windows\Microsoft.NET
2020-05-16 20:39:01 ----HD---- C:\ProgramData
2020-05-16 14:30:06 ----D---- C:\Windows\apppatch
2020-05-16 14:29:10 ----D---- C:\Windows\SysWOW64
2020-05-16 14:28:12 ----D---- C:\Windows\system32\catroot2
2020-05-16 13:36:20 ----D---- C:\Program Files\SUPERAntiSpyware
2020-05-16 09:41:59 ----D---- C:\Windows\system32\DriverStore
2020-05-16 09:41:59 ----D---- C:\Windows\system32\drivers
2020-05-16 09:41:55 ----RD---- C:\Program Files (x86)
2020-05-15 16:54:34 ----D---- C:\Windows\SoftwareDistribution
2020-05-15 16:54:34 ----D---- C:\Windows\debug
2020-05-15 14:01:16 ----D---- C:\Users\Lenovo\AppData\Roaming\Wondershare
2020-05-15 12:31:31 ----SHDC---- C:\Windows\Installer
2020-05-15 12:31:30 ----SHD---- C:\Config.Msi
2020-05-15 08:36:25 ----D---- C:\Program Files (x86)\Mp3tag
2020-05-15 08:36:07 ----D---- C:\Users\Lenovo\AppData\Roaming\Mp3tag
2020-05-14 17:13:04 ----RSD---- C:\Windows\Fonts
2020-05-13 12:00:01 ----D---- C:\Windows\system32\LogFiles
2020-05-13 09:57:43 ----D---- C:\Windows\Logs
2020-05-13 07:06:36 ----D---- C:\Program Files (x86)\Microsoft OneDrive
2020-05-11 17:30:06 ----D---- C:\Users\Lenovo\AppData\Roaming\audacity
2020-05-10 15:28:22 ----D---- C:\ProgramData\TePmHeashU
2020-05-10 06:33:45 ----D---- C:\Users\Lenovo\AppData\Roaming\Logs
2020-05-04 02:13:26 ----A---- C:\Windows\system32\vccorlib140.dll
2020-05-04 02:13:12 ----A---- C:\Windows\system32\msvcp140_2.dll
2020-05-04 02:13:12 ----A---- C:\Windows\system32\msvcp140_1.dll
2020-05-04 02:13:12 ----A---- C:\Windows\system32\concrt140.dll
2020-05-03 17:13:26 ----A---- C:\Windows\system32\vcruntime140_1.dll
2020-05-03 17:13:12 ----A---- C:\Windows\system32\msvcp140_codecvt_ids.dll
2020-04-28 16:55:56 ----D---- C:\Program Files (x86)\Java

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\Windows\system32\drivers\iorate.sys [2019-03-19 56632]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2017-01-17 48696]
R1 afunix;afunix; C:\Windows\system32\drivers\afunix.sys [2020-03-12 40960]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\Windows\system32\drivers\bam.sys [2019-03-19 70456]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\Windows\system32\drivers\filecrypt.sys [2019-03-19 59392]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\Windows\System32\drivers\gpuenergydrv.sys [2019-03-19 8704]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\Windows\system32\drivers\cldflt.sys [2020-03-12 457216]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\Windows\system32\drivers\mmcss.sys [2019-03-19 53760]
R2 NPF;NetGroup Packet Filter Driver; \??\C:\WINDOWS\system32\drivers\npf.sys [2020-01-02 35344]
R3 ACPIVPC;@oem87.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\Windows\System32\drivers\AcpiVpc.sys [2015-06-04 42328]
R3 bcbtums;@oem77.inf,%BCBTUMS.SvcDesc%;Bluetooth RAM Firmware Download USB Filter; C:\Windows\system32\drivers\bcbtums.sys [2015-10-12 227144]
R3 BCM43XX;@oem2.inf,%BCM43XX_Service_DispName%;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl63a.sys [2020-02-02 10770696]
R3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\Windows\system32\drivers\bindflt.sys [2020-02-14 117264]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\Windows\System32\drivers\BthEnum.sys [2020-03-12 114688]
R3 BthHFAud;@microsoft_bluetooth_hfp.inf,%BTHHFAUD_DISPLAY_NAME%;Microsoft Bluetooth Hands-Free Audio driver; C:\Windows\System32\drivers\BthHfAud.sys [2019-03-19 57856]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\Windows\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2019-03-19 97280]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\System32\drivers\bthpan.sys [2019-03-19 133120]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\drivers\BTHUSB.sys [2020-03-12 99328]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\Windows\System32\drivers\CAD.sys [2019-03-19 64312]
R3 ETD;@oem81.inf,%PS2.DeviceDesc%;ELAN Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2015-10-07 525512]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2016-05-04 3811288]
R3 IntcDAud;@oem71.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\System32\drivers\IntcDAud.sys [2015-08-21 463112]
R3 iwdbus;@oem79.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys [2015-12-01 38896]
R3 L1C;@netl1c63x64.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\System32\drivers\L1C63x64.sys [2019-03-19 121344]
R3 MEIx64;@oem84.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\System32\drivers\TeeDriverW8x64.sys [2016-02-10 194624]
R3 Microsoft_Bluetooth_AvrcpTransport;@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Microsoft Bluetooth Avrcp Transport Driver; C:\Windows\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [2019-03-19 64512]
R3 nvlddmkm;nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvltwu.inf_amd64_0221ce4ec0827f74\nvlddmkm.sys [2017-01-17 14190520]
R3 nvvad_WaveExtensible;@oem83.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2019-04-17 69840]
R3 nvvhci;@oem73.inf,%ServiceDesc%;NVVHCI Enumerator Service; C:\Windows\System32\drivers\nvvhci.sys [2019-08-23 75600]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2019-03-19 211456]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\Windows\System32\drivers\bttflt.sys [2019-03-19 42808]
S0 fltsrv;Acronis Storage Filter Management; C:\Windows\system32\DRIVERS\fltsrv.sys []
S0 cht4iscsi;cht4iscsi; C:\Windows\System32\drivers\cht4sx64.sys [2019-03-19 319528]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\Windows\System32\drivers\iaStorAVC.sys [2019-03-19 885048]
S0 ItSas35i;ItSas35i; C:\Windows\System32\drivers\ItSas35i.sys [2019-03-19 148520]
S0 LSI_SAS2i;LSI_SAS2i; C:\Windows\System32\drivers\lsi_sas2i.sys [2019-03-19 124448]
S0 LSI_SAS3i;LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [2019-03-19 128528]
S0 MbamElam;MbamElam; C:\Windows\system32\DRIVERS\MbamElam.sys [2020-03-13 20936]
S0 megasas2i;megasas2i; C:\Windows\System32\drivers\MegaSas2i.sys [2019-03-19 75280]
S0 megasas35i;megasas35i; C:\Windows\System32\drivers\megasas35i.sys [2019-03-19 94736]
S0 percsas2i;percsas2i; C:\Windows\System32\drivers\percsas2i.sys [2019-03-19 58896]
S0 percsas3i;percsas3i; C:\Windows\System32\drivers\percsas3i.sys [2019-03-19 68624]
S0 Ramdisk;Windows RAM Disk Driver; C:\Windows\system32\DRIVERS\ramdisk.sys [2019-03-19 41784]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\Windows\System32\drivers\scmbus.sys [2019-03-19 151352]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\Windows\System32\drivers\AcpiDev.sys [2019-03-19 20992]
S3 Acx01000;@%SystemRoot%\system32\drivers\Acx01000.sys,-1000; C:\Windows\system32\drivers\Acx01000.sys [2020-03-12 337920]
S3 amdgpio2;@amdgpio2.inf,%GPIO.SvcDesc%;AMD GPIO Client Driver; C:\Windows\System32\drivers\amdgpio2.sys [2019-03-19 18432]
S3 amdi2c;@amdi2c.inf,%amdi2c.SVCDESC%;AMD I2C Controller Service; C:\Windows\System32\drivers\amdi2c.sys [2019-03-19 37888]
S3 AppleLowerFilter;@oem6.inf,%AppleLowerFilterDisplayName%;Apple Lower Filter Driver; C:\Windows\System32\drivers\AppleLowerFilter.sys [2018-05-10 35560]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\Windows\system32\drivers\applockerfltr.sys [2020-01-01 18432]
S3 BCMWL63A;@oem82.inf,%BCM43XX_Service_DispName%;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl63a.sys [2020-02-02 10770696]
S3 BthA2dp;@microsoft_bluetooth_a2dp.inf,%BthA2dp.ServiceDescription%;Microsoft Bluetooth A2dp driver; C:\Windows\System32\drivers\BthA2dp.sys [2020-01-01 231936]
S3 BthMini;@bth.inf,%BTHMINI.SvcDesc%;Bluetooth Radio Driver; C:\Windows\System32\drivers\BTHMINI.sys [2020-03-12 36864]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\Windows\System32\drivers\BTHport.sys [2020-03-12 1428992]
S3 btwampfl;@oem77.inf,%btwampfl.ServiceName%;btwampfl; C:\Windows\system32\DRIVERS\btwampfl.sys [2015-10-12 234800]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\Windows\System32\drivers\buttonconverter.sys [2019-03-19 43008]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\Windows\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_b9c53b80e63af230\genericusbfn.sys [2020-01-01 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\Windows\System32\drivers\hidinterrupt.sys [2019-03-19 53560]
S3 hidspi;@hidspi_km.inf,%hidspi.SVCDESC%;Microsoft SPI HID Miniport Driver; C:\Windows\System32\drivers\hidspi.sys [2020-01-01 64000]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\Windows\system32\drivers\hvservice.sys [2020-02-14 84496]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\Windows\System32\Drivers\mshwnclx.sys [2019-03-19 28672]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\Windows\System32\drivers\cht4vx64.sys [2019-03-19 1866768]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\Windows\System32\drivers\iagpio.sys [2019-03-19 36352]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\Windows\System32\drivers\iai2c.sys [2019-03-19 91136]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys [2019-03-19 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2019-03-19 93184]
S3 iaLPSS2i_GPIO2_CNL;@iaLPSS2i_GPIO2_CNL.inf,%iaLPSS2i_GPIO2_CNL.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [2019-03-19 112128]
S3 iaLPSS2i_GPIO2_GLK;@iaLPSS2i_GPIO2_GLK.inf,%iaLPSS2i_GPIO2_GLK.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [2019-03-19 96256]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\Windows\System32\drivers\iaLPSS2i_I2C.sys [2019-03-19 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\Windows\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2019-03-19 175104]
S3 iaLPSS2i_I2C_CNL;@iaLPSS2i_I2C_CNL.inf,%iaLPSS2i_I2C_CNL.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\Windows\System32\drivers\iaLPSS2i_I2C_CNL.sys [2019-03-19 180736]
S3 iaLPSS2i_I2C_GLK;@iaLPSS2i_I2C_GLK.inf,%iaLPSS2i_I2C_GLK.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\Windows\System32\drivers\iaLPSS2i_I2C_GLK.sys [2019-03-19 177664]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\Windows\System32\drivers\ibbus.sys [2019-03-19 566800]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\Windows\System32\drivers\IndirectKmd.sys [2019-03-19 46592]
S3 intelpmax;@intelpmax.inf,%SvcDesc%;Intel Power Limit Driver; C:\Windows\System32\drivers\intelpmax.sys [2019-03-19 28672]
S3 IPT;IPT; C:\Windows\System32\drivers\ipt.sys [2019-03-19 54584]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\Windows\System32\drivers\mausbhost.sys [2019-03-19 535864]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\Windows\System32\drivers\mausbip.sys [2019-03-19 62264]
S3 MbbCx;MBB Network Adapter Class Extension; C:\Windows\system32\drivers\MbbCx.sys [2020-01-01 359424]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\Windows\System32\drivers\mlx4_bus.sys [2019-03-19 1150480]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\Windows\System32\drivers\ndfltr.sys [2019-03-19 153616]
S3 NDKPing;NDKPing Driver; C:\Windows\system32\drivers\NDKPing.sys [2019-03-19 63488]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\Windows\system32\drivers\NetAdapterCx.sys [2019-03-19 187904]
S3 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\Windows\System32\drivers\nvdimm.sys [2019-03-19 158520]
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2019-07-23 30336]
S3 PktMon;Packet Monitor Driver; C:\Windows\system32\drivers\PktMon.sys [2019-03-19 96056]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\Windows\System32\drivers\pmem.sys [2019-03-19 127800]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\Windows\System32\drivers\pnpmem.sys [2019-03-19 17408]
S3 portcfg;portcfg; C:\Windows\System32\drivers\portcfg.sys [2019-03-19 25600]
S3 ReFSv1;ReFSv1; C:\Windows\system32\drivers\ReFSv1.sys [2020-01-01 986936]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2016-12-21 40240]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\Windows\System32\drivers\rhproxy.sys [2019-03-19 113152]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\Windows\System32\drivers\SDFRd.sys [2019-03-19 33592]
S4 hvcrash;hvcrash; C:\Windows\System32\drivers\hvcrash.sys [2019-03-19 32568]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 478A5347;478A5347; C:\Windows\system32\svchost.exe [2019-03-19 53744]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2020-02-25 88648]
R2 AdobeUpdateService;AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [2019-09-27 823352]
R2 AGMService;Adobe Genuine Monitor Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2020-03-04 3374160]
R2 AGSService;Adobe Genuine Software Integrity Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2020-03-04 3103824]
R2 AtomicAlarmClock;Atomic Alarm Clock Time; C:\Program Files\Free Desktop Clock\timeserv.exe [2013-04-24 2007040]
R2 BcmBtRSupport;@oem77.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service; C:\Windows\system32\BtwRSupportService.exe [2015-10-12 2297104]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 CAMService;CAM Service; C:\Program Files\NZXT CAM\resources\app.asar [2020-04-01 118533681]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\Windows\system32\svchost.exe [2019-03-19 53744]
R2 CDPUserSvc_6132d;Uživatelská služba platformy připojených zařízení_6132d; C:\Windows\system32\svchost.exe [2019-03-19 53744]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\Windows\system32\svchost.exe [2019-03-19 53744]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\Windows\System32\svchost.exe [2019-03-19 53744]
R2 DispBrokerDesktopSvc;@%SystemRoot%\system32\dispbroker.desktop.dll,-101; C:\Windows\system32\svchost.exe [2019-03-19 53744]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\Windows\System32\svchost.exe [2019-03-19 53744]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\Windows\System32\svchost.exe [2019-03-19 53744]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2015-10-07 144072]
R2 Freemake Improver;Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [2019-12-27 81280]
R2 HuaweiHiSuiteService64.exe;HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [2019-12-27 190784]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2016-05-04 337888]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2019-09-28 858480]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2016-12-29 458176]
R2 OneSyncSvc_6132d;Hostitel synchronizace_6132d; C:\Windows\system32\svchost.exe [2019-03-19 53744]
R2 osrss;@%systemroot%\system32\osrss.dll,-500; C:\Windows\system32\svchost.exe [2019-03-19 53744]
R3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\Windows\system32\svchost.exe [2019-03-19 53744]
R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\Windows\system32\svchost.exe [2019-03-19 53744]
R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\Windows\system32\svchost.exe [2019-03-19 53744]
R3 cbdhsvc_6132d;Uživatelská služba schránky_6132d; C:\Windows\system32\svchost.exe [2019-03-19 53744]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\Windows\System32\svchost.exe [2019-03-19 53744]
R3 DisplayEnhancementService;@%SystemRoot%\System32\Microsoft.Graphics.Display.DisplayEnhancementService.dll,-1000; C:\Windows\system32\svchost.exe [2019-03-19 53744]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2019-12-12 43704]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\Windows\System32\svchost.exe [2019-03-19 53744]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\Windows\system32\svchost.exe [2019-03-19 53744]
R3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\Windows\system32\svchost.exe [2019-03-19 53744]
R3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\Windows\system32\svchost.exe [2019-03-19 53744]
R3 PimIndexMaintenanceSvc_6132d;Data kontaktů_6132d; C:\Windows\system32\svchost.exe [2019-03-19 53744]
S2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2017-01-31 173472]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\Windows\system32\svchost.exe [2019-03-19 53744]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2019-12-10 155432]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\Windows\System32\svchost.exe [2019-03-19 53744]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\Windows\system32\svchost.exe [2019-03-19 53744]
S3 AarSvc;@%SystemRoot%\system32\AarSvc.dll,-100; C:\Windows\system32\svchost.exe [2019-03-19 53744]
S3 AarSvc_6132d;Agent Activation Runtime_6132d; C:\Windows\system32\svchost.exe [2019-03-19 53744]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\Windows\system32\svchost.exe [2019-03-19 53744]
S3 autotimesvc;@%SystemRoot%\System32\autotimesvc.dll,-6; C:\Windows\system32\svchost.exe [2019-03-19 53744]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\Windows\system32\svchost.exe [2019-03-19 53744]
S3 BcastDVRUserService_6132d;Uživatelská služba pro GameDVR a vysílání her_6132d; C:\Windows\system32\svchost.exe [2019-03-19 53744]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\Windows\system32\svchost.exe [2019-03-19 53744]
S3 BluetoothUserService_6132d;Služba pro podporu uživatelů Bluetooth_6132d; C:\Windows\system32\svchost.exe [2019-03-19 53744]
S3 CaptureService;@%SystemRoot%\system32\CaptureService.dll,-100; C:\Windows\system32\svchost.exe [2019-03-19 53744]
S3 CaptureService_6132d;CaptureService_6132d; C:\Windows\system32\svchost.exe [2019-03-19 53744]
S3 cbdhsvc;@%SystemRoot%\system32\cbdhsvc.dll,-100; C:\Windows\system32\svchost.exe [2019-03-19 53744]
S3 ConsentUxUserSvc;@%SystemRoot%\system32\ConsentUxClient.dll,-100; C:\Windows\system32\svchost.exe [2019-03-19 53744]
S3 ConsentUxUserSvc_6132d;ConsentUX_6132d; C:\Windows\system32\svchost.exe [2019-03-19 53744]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2016-05-04 299488]
S3 CredentialEnrollmentManagerUserSvc;@%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100; C:\Windows\system32\CredentialEnrollmentManager.exe [2019-03-19 380120]
S3 CredentialEnrollmentManagerUserSvc_6132d;CredentialEnrollmentManagerUserSvc_6132d; C:\Windows\system32\CredentialEnrollmentManager.exe [2019-03-19 380120]
S3 DeviceAssociationBrokerSvc;@%SystemRoot%\system32\deviceaccess.dll,-107; C:\Windows\system32\svchost.exe [2019-03-19 53744]
S3 DeviceAssociationBrokerSvc_6132d;DeviceAssociationBroker_6132d; C:\Windows\system32\svchost.exe [2019-03-19 53744]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\Windows\system32\svchost.exe [2019-03-19 53744]
S3 DevicePickerUserSvc_6132d;DevicePicker_6132d; C:\Windows\system32\svchost.exe [2019-03-19 53744]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\Windows\system32\svchost.exe [2019-03-19 53744]
S3 DevicesFlowUserSvc_6132d;Tok zařízení_6132d; C:\Windows\system32\svchost.exe [2019-03-19 53744]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\Windows\system32\svchost.exe [2019-03-19 53744]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2020-03-12 97792]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\Windows\System32\svchost.exe [2019-03-19 53744]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\Windows\system32\svchost.exe [2019-03-19 53744]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\Windows\system32\svchost.exe [2019-03-19 53744]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\Windows\System32\svchost.exe [2019-03-19 53744]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\Windows\System32\svchost.exe [2019-03-19 53744]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\Windows\system32\svchost.exe [2019-03-19 53744]
S3 FileSyncHelper;FileSyncHelper; C:\Program Files (x86)\Microsoft OneDrive\FileSyncHelper.exe [2020-05-12 2150248]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\Windows\System32\svchost.exe [2019-03-19 53744]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [2020-01-15 342456]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.138\elevation_service.exe [2020-05-02 1095664]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\Windows\System32\svchost.exe [2019-03-19 53744]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2019-12-10 155432]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\Windows\system32\svchost.exe [2019-03-19 53744]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\Windows\system32\svchost.exe [2019-03-19 53744]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\Windows\System32\svchost.exe [2019-03-19 53744]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\Windows\System32\svchost.exe [2019-03-19 53744]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\Windows\system32\svchost.exe [2019-03-19 53744]
S3 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [2020-03-13 6933272]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\Windows\system32\svchost.exe [2019-03-19 53744]
S3 MessagingService_6132d;Služba zasílání zpráv_6132d; C:\Windows\system32\svchost.exe [2019-03-19 53744]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2019-12-02 244936]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\Windows\system32\svchost.exe [2019-03-19 53744]
S3 NETGEARGenieDaemon;NETGEARGenieDaemon; C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [2017-07-04 233456]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\Windows\System32\svchost.exe [2019-03-19 53744]
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2019-09-28 858480]
S3 OneDrive Updater Service;OneDrive Updater Service; C:\Program Files (x86)\Microsoft OneDrive\OneDriveUpdaterService.exe [2020-05-12 2509688]
S3 perceptionsimulation;@%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101; C:\Windows\system32\PerceptionSimulation\PerceptionSimulationService.exe [2019-03-19 103424]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\Windows\system32\svchost.exe [2019-03-19 53744]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\Windows\system32\svchost.exe [2019-03-19 53744]
S3 PrintWorkflowUserSvc_6132d;PrintWorkflow_6132d; C:\Windows\system32\svchost.exe [2019-03-19 53744]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\Windows\System32\svchost.exe [2019-03-19 53744]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\Windows\System32\svchost.exe [2019-03-19 53744]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\Windows\System32\svchost.exe [2019-03-19 53744]
S3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\Windows\system32\svchost.exe [2019-03-19 53744]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\Windows\System32\SensorDataService.exe [2019-03-19 1264128]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\Windows\system32\svchost.exe [2019-03-19 53744]

-----------------EOF-----------------

[Rudy]

Zdravím!
Dejte logy FRST+Addition: https://forum.viry.cz/viewtopic.php?f=13&t=154679 . RSIT není s desítkami kompatibilní. Děkuji.

[Ivošisko]

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-05-2020 01
Ran by Lenovo (18-05-2020 19:15:20)
Running from C:\Users\Lenovo\Downloads
Windows 10 Home Version 1903 18362.720 (X64) (2019-12-12 03:28:02)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-760426430-1322398698-3842268529-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-760426430-1322398698-3842268529-503 - Limited - Disabled)
Guest (S-1-5-21-760426430-1322398698-3842268529-501 - Limited - Disabled)
Lenovo (S-1-5-21-760426430-1322398698-3842268529-1001 - Administrator - Enabled) => C:\Users\Lenovo
WDAGUtilityAccount (S-1-5-21-760426430-1322398698-3842268529-504 - Limited - Disabled)
WgaUtilAcc (S-1-5-21-760426430-1322398698-3842268529-1002 - Administrator - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\uTorrent) (Version: 3.5.5.45574 - BitTorrent Inc.)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 20.009.20063 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.009.20063 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.0.0.354 - Adobe Systems Incorporated)
Adobe Lightroom Classic CC (HKLM-x32\...\LTRM_8_1) (Version: 8.1 - Adobe Systems Incorporated)
Adobe Photoshop 2020 (HKLM-x32\...\PHSP_21_0_2) (Version: 21.0.2 - Adobe Systems Incorporated)
Aegisub 3.2.2 (HKLM\...\{24BC8B57-716C-444F-B46B-A3349B9164C5}_is1) (Version: 3.2.2 - Aegisub Team)
AIDA64 Extreme v5.99 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.99 - FinalWire Ltd.)
AIMP (HKLM-x32\...\AIMP) (Version: v4.60.2180, 25.03.2020 - AIMP DevTeam)
Aktualizace NVIDIA 38.0.2.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.2.0 - NVIDIA Corporation) Hidden
Atomic Alarm Clock 6.3 beta (HKLM\...\Atomic Alarm Clock_is1) (Version: - Drive Software Company)
Audacity 2.3.3 (HKLM-x32\...\Audacity_is1) (Version: 2.3.3 - Audacity Team)
Avidemux VC++ 64bits (HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\{2799a4bd-577f-45de-a7eb-330cdd2c2ab0}) (Version: 2.7.5 - Mean)
Backup and Sync from Google (HKLM\...\{FE296942-D2D3-4149-8895-60655FE4CFDE}) (Version: 3.49.9800.0000 - Google, Inc.)
BitMeter (HKLM-x32\...\BitMeter) (Version: - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 7.35.317.3 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.66 - Piriform)
CPUID HWMonitor 1.41 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.41 - CPUID, Inc.)
CrystalDiskInfo 8.4.0 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.4.0 - Crystal Dew World)
ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.)
FastStone Image Viewer 7.4 (HKLM-x32\...\FastStone Image Viewer) (Version: 7.4 - FastStone Soft)
FlashPeak Slimjet 64bit (HKLM\...\Slimjet) (Version: 25.0.11.0 - FlashPeak Inc.)
Free Desktop Clock 3.0 (HKLM\...\Free Desktop Clock_is1) (Version: - Drive Software Company)
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.8.4 - Ellora Assets Corporation)
Futuremark SystemInfo (HKLM-x32\...\{A93C08EF-FEB5-49B0-BA5C-2149018683B5}) (Version: 5.26.809.0 - Futuremark)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 81.0.4044.138 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 10.0.1.100 - )
inSSIDer (HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\inSSIDer) (Version: 5.2.14 - MetaGeek, LLC)
Java 8 Update 251 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180251F0}) (Version: 8.0.2510.8 - Oracle Corporation)
LAV Filters 0.74.1 (HKLM-x32\...\lavfilters_is1) (Version: 0.74.1 - Hendrik Leppkes)
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 3.15.0414.1 - Vimicro)
Lenovo Service Bridge (HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: 5.0.0.5 - Lenovo)
LibreOffice 6.4 Help Pack (Czech) (HKLM\...\{AE983296-8590-4589-84E0-80B8C30ED803}) (Version: 6.4.0.3 - The Document Foundation)
LibreOffice 6.4.2.2 (HKLM\...\{366B3DEE-791D-4044-AC14-4FE2265754BA}) (Version: 6.4.2.2 - The Document Foundation)
LinuxLive USB Creator (HKLM-x32\...\LinuxLive USB Creator) (Version: 2.9 - Thibaut Lauziere)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft OneDrive (HKLM-x32\...\OneDriveSetup.exe) (Version: 20.052.0311.0011 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation)
MKVToolNix 43.0.0 (64-bit) (HKLM-x32\...\MKVToolNix) (Version: 43.0.0 - Moritz Bunkus)
Mozilla Firefox 71.0 (x64 cs) (HKLM\...\Mozilla Firefox 71.0 (x64 cs)) (Version: 71.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 68.1.0 - Mozilla)
Mp3tag v3.01 (HKLM-x32\...\Mp3tag) (Version: 3.01 - Florian Heidenreich)
NETGEAR Genie (HKLM-x32\...\NETGEAR Genie) (Version: 2.4.60.00 - NETGEAR Inc.)
Nexus Ultimate 11.6 (HKLM-x32\...\Nexus Ultimate_is1) (Version: - )
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.1.57 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.1.57 - NVIDIA Corporation)
NZXT CAM 4.4.2 (HKLM\...\ac0666ae-ee66-5310-ac01-9d6348133b2d) (Version: 4.4.2 - NZXT, Inc.)
osrss (HKLM-x32\...\{1BA1133B-1C7A-41A0-8CBF-9B993E63D296}) (Version: 1.0.0 - Microsoft Corporation) Hidden
Ovládací panel NVIDIA 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 376.54 - NVIDIA Corporation) Hidden
PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 200317 - Kakao Corp.)
Revo Uninstaller Pro 4.2.3 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.2.3 - VS Revo Group, Ltd.)
Samsung Data Migration (HKLM-x32\...\{3B304604-0BF5-488E-AB95-F2F2E31206F3}) (Version: 3.1 - Samsung)
Soda PDF Desktop 11 Asian Fonts Pack (HKLM\...\{D336848F-432B-4836-AE2C-E4ABFC7F314A}) (Version: 11.0.7.2753 - LULU Software)
Soda PDF Desktop 11 Convert Module (HKLM\...\{B0628573-EBC2-4442-808E-00ED1EBB129C}) (Version: 11.0.7.2753 - LULU Software)
Soda PDF Desktop 11 Create Module (HKLM\...\{B3F86380-B7CA-47CA-9AA0-FFEBD3E6263E}) (Version: 11.0.7.2753 - LULU Software)
Soda PDF Desktop 11 Edit Module (HKLM\...\{136C67C4-E28C-46BA-A594-C5595C183E5E}) (Version: 11.0.7.2753 - LULU Software)
Soda PDF Desktop 11 Forms Module (HKLM\...\{1B9DFB67-93F9-499A-BDCA-B3AAED43F152}) (Version: 11.0.7.2753 - LULU Software)
Soda PDF Desktop 11 Insert Module (HKLM\...\{1F509347-B3F4-489C-8119-D1B85181ED71}) (Version: 11.0.7.2753 - LULU Software)
Soda PDF Desktop 11 Review Module (HKLM\...\{A478AFED-D891-4635-895A-206581109C03}) (Version: 11.0.7.2753 - LULU Software)
Soda PDF Desktop 11 Secure Module (HKLM\...\{2CEE9074-55A0-4362-9450-D17789E382C4}) (Version: 11.0.7.2753 - LULU Software)
Soda PDF Desktop 11 View Module (HKLM\...\{3F89F739-B2BB-4EE3-90E1-610F3D50EB61}) (Version: 11.0.7.2753 - LULU Software)
SoftPerfect Network Scanner version 7.2.6 (HKLM\...\{8083C3D9-F400-48FA-B060-CF55F25E2D4B}_is1) (Version: 7.2.6 - SoftPerfect Pty Ltd)
Speedtest by Ookla (HKLM\...\{86E09239-75BC-449E-A288-712FF12A4F02}) (Version: 1.3.39.001 - Ookla)
Spy Emergency 2019-25.0.680 (HKLM\...\Spy Emergency_is1) (Version: - NETGATE Technologies s.r.o.)
Subtitle Edit 3.5.13 (HKLM\...\SubtitleEdit_is1) (Version: 3.5.13.0 - Nikse)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 8.0.1052 - SUPERAntiSpyware.com)
SUPERAntiSpyware 5.7.1026 (HKLM-x32\...\SUPERAntiSpyware 5.7.1026) (Version: 5.7.1026 - skoda.josef@gmail.com)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{3BAE4496-6F6C-4330-A8AA-B93D3D346FA5}) (Version: 2.53.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
Vistumbler (HKLM-x32\...\Vistumbler) (Version: 10.6.5 - Vistumbler.net)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
WiFi Scanner (HKLM-x32\...\{1224CE90-0AA3-41AF-B51F-61C8C796C401}) (Version: 0.8.626 - AccessAgility)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Wondershare AllMyTube(Build 7.4.9.2) (HKLM-x32\...\AllMyTube_is1) (Version: 7.4.9.2 - Wondershare)
Wondershare Helper Compact 2.5.3 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.3 - Wondershare)
Wondershare UniConverter(Build 11.7.3.1) (HKLM-x32\...\UniConverter_is1) (Version: 11.7.3.1 - Wondershare Software)

Packages:
=========
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_1.0.1.22_x86__enpm4xejd91yc [2020-02-28] (Adobe Systems Incorporated)
Adobe Reader Touch -> C:\Program Files\WindowsApps\AdobeSystemsIncorporated.AdobeReader_3.1.8.7675_x86__ynb6jyjzte8ga [2020-01-14] (Adobe Systems Incorporated)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.164.200.0_x86__kgqvnymyfvs32 [2020-03-20] (king.com)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.1.4081.0_x64__rz1tebttyb220 [2020-02-04] (Dolby Laboratories)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-12-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-12-12] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-12] (Microsoft Studios) [MS Ad]
Microsoft Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20503.0_x64__8wekyb3d8bbwe [2020-03-06] (Microsoft Corporation) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
One Calendar -> C:\Program Files\WindowsApps\64885BlueEdge.OneCalendar_2020.229.1.0_x64__8kea50m9krsh2 [2020-03-06] (Code Spark)
One Task -> C:\Program Files\WindowsApps\64885BlueEdge.OneTask_2018.1124.1.0_x64__8kea50m9krsh2 [2020-03-13] (Code Spark)
WiFi Analyzer -> C:\Program Files\WindowsApps\19965MATTHAFNER.WIFIANALYZER_2.5.1.0_x64__gs5k5vmxr2ste [2020-01-14] (Matt Hafner)
Wifi Analyzer and Scanner -> C:\Program Files\WindowsApps\28877WebProvider.WifiAnalyzerandScanner_1.2.1.0_x64__gdrx0g078t8zg [2019-12-29] (WebProvider)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-760426430-1322398698-3842268529-1001_Classes\CLSID\{0AC68F4B-F9F7-475B-A5B4-383171479500} -> [MEGA] => C:\Users\Lenovo\Documents\MEGA [2020-02-29 13:36]
CustomCLSID: HKU\S-1-5-21-760426430-1322398698-3842268529-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-1A069473058F} -> [Creative Cloud Files] => C:\Users\Lenovo\Creative Cloud Files0
CustomCLSID: HKU\S-1-5-21-760426430-1322398698-3842268529-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-760426430-1322398698-3842268529-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Lenovo\AppData\Local\MEGAsync\ShellExtX64.dll [2020-03-18] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Lenovo\AppData\Local\MEGAsync\ShellExtX64.dll [2020-03-18] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Lenovo\AppData\Local\MEGAsync\ShellExtX64.dll [2020-03-18] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-04-06] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-04-06] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-04-06] (Google LLC -> Google)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Lenovo\AppData\Local\MEGAsync\ShellExtX64.dll [2020-03-18] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Lenovo\AppData\Local\MEGAsync\ShellExtX64.dll [2020-03-18] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Lenovo\AppData\Local\MEGAsync\ShellExtX64.dll [2020-03-18] (Mega Limited -> )
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\20.052.0311.0011\amd64\FileSyncShell64.dll [2020-05-12] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2020-02-05] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2020-05-12] (IP Izmaylov Artem Andreevich -> AIMP DevTeam)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-04-06] (Google LLC -> Google)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Lenovo\AppData\Local\MEGAsync\ShellExtX64.dll [2020-03-18] (Mega Limited -> )
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2020-03-27] (Florian Heidenreich) [File not signed]
ContextMenuHandlers1: [SodaPDFDesktop11_ManagerExt] -> {95288ec1-ce0d-11e8-b453-40167e6e7313} => C:\Program Files\Soda PDF Desktop 11\context-menu.dll [2019-01-21] (LULU Software -> LULU Software)
ContextMenuHandlers1: [SpyEmergency] -> {2E9FFF5C-4375-494d-951F-098BAA42239E} => C:\Program Files\NETGATE\Spy Emergency\menuext.dll [2019-11-16] (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Lenovo\AppData\Local\MEGAsync\ShellExtX64.dll [2020-03-18] (Mega Limited -> )
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2020-03-27] (Florian Heidenreich) [File not signed]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-03-13] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Lenovo\AppData\Local\MEGAsync\ShellExtX64.dll [2020-03-18] (Mega Limited -> )
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\20.052.0311.0011\amd64\FileSyncShell64.dll [2020-05-12] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2020-05-12] (IP Izmaylov Artem Andreevich -> AIMP DevTeam)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-04-06] (Google LLC -> Google)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Lenovo\AppData\Local\MEGAsync\ShellExtX64.dll [2020-03-18] (Mega Limited -> )
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2020-03-27] (Florian Heidenreich) [File not signed]
ContextMenuHandlers4: [SpyEmergency] -> {2E9FFF5C-4375-494d-951F-098BAA42239E} => C:\Program Files\NETGATE\Spy Emergency\menuext.dll [2019-11-16] (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\20.052.0311.0011\amd64\FileSyncShell64.dll [2020-05-12] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-04] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2016-12-29] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2020-02-05] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-03-13] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2019-03-29] (VS Revo Group Ltd. -> VS Revo Group)
ContextMenuHandlers6: [SpyEmergency] -> {2E9FFF5C-4375-494d-951F-098BAA42239E} => C:\Program Files\NETGATE\Spy Emergency\menuext.dll [2019-11-16] (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2015-03-17 02:34 - 2015-03-17 02:34 - 000010240 _____ () [File not signed] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\cs_cz\acrotray.cze
2016-03-03 06:17 - 2016-03-03 06:17 - 000136704 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\airprintdll.dll
2016-03-03 06:17 - 2016-03-03 06:17 - 000146944 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\DiagnoseDll.dll
2016-01-15 04:06 - 2016-01-15 04:06 - 000057344 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\DiagnosePlugin.dll
2016-02-22 10:25 - 2016-02-22 10:25 - 000116224 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\DragonNetTool.dll
2015-08-24 10:41 - 2015-08-24 10:41 - 002360622 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\drivers\libntgr_api.dll
2019-05-22 10:09 - 2019-05-22 10:09 - 000713728 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Genie.dll
2018-07-20 06:31 - 2018-07-20 06:31 - 000168448 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Airprint.dll
2018-07-20 06:31 - 2018-07-20 06:31 - 000591872 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Internet.dll
2019-05-15 10:07 - 2019-05-15 10:07 - 006903808 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Map.dll
2018-07-20 06:36 - 2018-07-20 06:36 - 002980352 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_MyMedia.dll
2019-05-15 10:07 - 2019-05-15 10:07 - 000967168 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_NetworkProblem.dll
2019-04-19 08:38 - 2019-04-19 08:38 - 001259520 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_ParentalControl.dll
2018-11-22 03:58 - 2018-11-22 03:58 - 011973632 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Resource.dll
2019-05-15 10:05 - 2019-05-15 10:05 - 002683392 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_RouterConfiguration.dll
2019-05-22 11:51 - 2019-05-22 11:51 - 000278528 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Statistics.dll
2019-05-22 10:14 - 2019-05-22 10:14 - 000888832 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Ui.dll
2018-11-20 12:34 - 2018-11-20 12:34 - 000422400 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Wireless.dll
2018-12-12 12:36 - 2018-12-12 12:36 - 000633344 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\InnerPlugin_Update.dll
2018-07-20 06:33 - 2018-07-20 06:33 - 000433664 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\InnerPlugin_WirelessExport.dll
2014-12-21 18:07 - 2014-12-21 18:07 - 000119822 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\libgcc_s_dw2-1.dll
2014-12-21 18:07 - 2014-12-21 18:07 - 001026062 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\libstdc++-6.dll
2012-06-28 00:23 - 2012-06-28 00:23 - 000111616 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\libvlc.dll
2012-06-28 00:23 - 2012-06-28 00:23 - 002285056 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\libvlccore.dll
2016-03-03 06:17 - 2016-03-03 06:17 - 000074752 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\NetcardApi.dll
2012-06-28 00:23 - 2012-06-28 00:23 - 000219648 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\plugins\access\libdshow_plugin.dll
2012-06-28 00:23 - 2012-06-28 00:23 - 000049664 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\plugins\audio_output\libaout_directx_plugin.dll
2012-06-28 00:23 - 2012-06-28 00:23 - 000051200 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\plugins\audio_output\libwaveout_plugin.dll
2012-06-28 00:23 - 2012-06-28 00:23 - 000051200 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\plugins\control\libhotkeys_plugin.dll
2012-06-28 00:23 - 2012-06-28 00:23 - 000037376 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\plugins\mmxext\libmemcpymmxext_plugin.dll
2012-06-28 00:23 - 2012-06-28 00:23 - 000070144 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\plugins\video_output\libdirectx_plugin.dll
2016-02-26 12:07 - 2016-02-26 12:07 - 000049152 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\QRCode.dll
2016-08-15 10:28 - 2016-08-15 10:28 - 001125888 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\qwt.dll
2019-05-22 10:13 - 2019-05-22 10:13 - 001701376 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\SvtNetworkTool.dll
2016-03-03 06:17 - 2016-03-03 06:17 - 000072192 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\SVTUtils.dll
2016-01-15 04:23 - 2016-01-15 04:23 - 000026112 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\WSetupApiPlugin.dll
2016-04-12 08:13 - 2016-04-12 08:13 - 000067072 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\WSetupDll.dll
2020-02-06 20:13 - 2016-08-09 13:57 - 001886720 _____ () [File not signed] C:\Program Files\Atomic Alarm Clock\Clock.dll
2020-01-02 23:29 - 2007-11-02 16:20 - 001403904 _____ () [File not signed] C:\Program Files\NETGATE\Spy Emergency\LIBEAY32.dll
2020-01-02 23:29 - 2007-11-02 16:20 - 000243712 _____ () [File not signed] C:\Program Files\NETGATE\Spy Emergency\SSLEAY32.dll
2020-01-02 23:29 - 2007-09-04 15:25 - 000198144 _____ () [File not signed] C:\Program Files\NETGATE\Spy Emergency\unrar.dll
2020-03-06 23:03 - 2020-03-06 23:19 - 017845248 _____ () [File not signed] C:\Program Files\WindowsApps\64885BlueEdge.OneCalendar_2020.229.1.0_x64__8kea50m9krsh2\CalendarApp.Gui.Win10.dll
2020-03-13 03:19 - 2020-03-13 03:20 - 010892800 _____ () [File not signed] C:\Program Files\WindowsApps\64885BlueEdge.OneTask_2018.1124.1.0_x64__8kea50m9krsh2\TaskApp.Gui.Win10.dll
2020-05-16 20:39 - 2020-05-16 20:39 - 000831488 ___RH () [File not signed] C:\ProgramData\478A5347\284EE138.dll
2020-05-16 20:39 - 2020-05-16 20:39 - 001117696 ___RH () [File not signed] C:\ProgramData\478A5347\B79C6115.dll
2020-05-18 19:10 - 2020-05-18 19:10 - 000114176 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI105042\_ctypes.pyd
2020-05-18 19:10 - 2020-05-18 19:10 - 000173056 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI105042\_elementtree.pyd
2020-05-18 19:10 - 2020-05-18 19:10 - 002133504 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI105042\_hashlib.pyd
2020-05-18 19:10 - 2020-05-18 19:10 - 000032256 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI105042\_multiprocessing.pyd
2020-05-18 19:10 - 2020-05-18 19:10 - 000046080 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI105042\_psutil_windows.pyd
2020-05-18 19:10 - 2020-05-18 19:10 - 000047616 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI105042\_socket.pyd
2020-05-18 19:10 - 2020-05-18 19:10 - 002701824 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI105042\_ssl.pyd
2020-05-18 19:10 - 2020-05-18 19:10 - 000026112 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI105042\_yappi.pyd
2020-05-18 19:10 - 2020-05-18 19:10 - 000080896 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI105042\bz2.pyd
2020-05-18 19:10 - 2020-05-18 19:10 - 000016384 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI105042\common.time34.pyd
2020-05-18 19:10 - 2020-05-18 19:10 - 000007680 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI105042\hashobjs_ext.pyd
2020-05-18 19:10 - 2020-05-18 19:10 - 000301568 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI105042\PIL._imaging.pyd
2020-05-18 19:10 - 2020-05-18 19:10 - 000169472 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI105042\pyexpat.pyd
2020-05-18 19:10 - 2020-05-18 19:10 - 001084416 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI105042\pysqlite2._sqlite.pyd
2020-05-18 19:10 - 2020-05-18 19:10 - 000548864 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI105042\pythoncom27.dll
2020-05-18 19:10 - 2020-05-18 19:10 - 000137728 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI105042\pywintypes27.dll
2020-05-18 19:10 - 2020-05-18 19:10 - 000010752 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI105042\select.pyd
2020-05-18 19:10 - 2020-05-18 19:10 - 000020992 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI105042\thumbnails_ext.pyd
2020-05-18 19:10 - 2020-05-18 19:10 - 000689664 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI105042\unicodedata.pyd
2020-05-18 19:10 - 2020-05-18 19:10 - 000119808 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI105042\usb_ext.pyd
2020-05-18 19:10 - 2020-05-18 19:10 - 000128512 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI105042\win32api.pyd
2020-05-18 19:10 - 2020-05-18 19:10 - 000438784 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI105042\win32com.shell.shell.pyd
2020-05-18 19:10 - 2020-05-18 19:10 - 000011776 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI105042\win32crypt.pyd
2020-05-18 19:10 - 2020-05-18 19:10 - 000023040 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI105042\win32event.pyd
2020-05-18 19:10 - 2020-05-18 19:10 - 000149504 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI105042\win32file.pyd
2020-05-18 19:10 - 2020-05-18 19:10 - 000223232 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI105042\win32gui.pyd
2020-05-18 19:10 - 2020-05-18 19:10 - 000048128 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI105042\win32inet.pyd
2020-05-18 19:10 - 2020-05-18 19:10 - 000029696 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI105042\win32pdh.pyd
2020-05-18 19:10 - 2020-05-18 19:10 - 000027648 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI105042\win32pipe.pyd
2020-05-18 19:10 - 2020-05-18 19:10 - 000044032 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI105042\win32process.pyd
2020-05-18 19:10 - 2020-05-18 19:10 - 000020480 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI105042\win32profile.pyd
2020-05-18 19:10 - 2020-05-18 19:10 - 000136192 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI105042\win32security.pyd
2020-05-18 19:10 - 2020-05-18 19:10 - 000026624 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI105042\win32ts.pyd
2020-05-18 19:10 - 2020-05-18 19:10 - 000034816 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI105042\windows.conditional.pyd
2020-05-18 19:10 - 2020-05-18 19:10 - 000038400 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI105042\windows.connectivity.pyd
2020-05-18 19:10 - 2020-05-18 19:10 - 000071680 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI105042\windows.device_monitor.pyd
2020-05-18 19:10 - 2020-05-18 19:10 - 000109056 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI105042\windows.volumes.pyd
2020-05-18 19:10 - 2020-05-18 19:10 - 000020480 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI105042\windows.winwrap.pyd
2020-05-18 19:10 - 2020-05-18 19:10 - 001325056 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI105042\wx._controls_.pyd
2020-05-18 19:10 - 2020-05-18 19:10 - 001489408 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI105042\wx._core_.pyd
2020-05-18 19:10 - 2020-05-18 19:10 - 001007104 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI105042\wx._gdi_.pyd
2020-05-18 19:10 - 2020-05-18 19:10 - 000103424 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI105042\wx._html2.pyd
2020-05-18 19:10 - 2020-05-18 19:10 - 000916992 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI105042\wx._misc_.pyd
2020-05-18 19:10 - 2020-05-18 19:10 - 001039872 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI105042\wx._windows_.pyd
2014-11-11 13:00 - 2014-11-11 13:00 - 000967168 _____ () [File not signed] c:\windows\branding\mediasvc.png
2020-01-02 23:29 - 2011-08-15 18:49 - 001965056 _____ (CPULib Team) [File not signed] C:\Program Files\NETGATE\Spy Emergency\CPULib.dll
2014-11-11 13:00 - 2014-11-11 13:00 - 000056320 _____ (important) [File not signed] c:\windows\branding\mediasrv.png
2020-05-18 12:43 - 2020-05-18 12:43 - 000040960 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\rfxvmt.dll
2014-12-21 18:07 - 2014-12-21 18:07 - 000049152 _____ (MingW-W64 Project. All rights reserved.) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\libwinpthread-1.dll
2013-02-19 08:46 - 2013-02-19 08:46 - 000220160 _____ (NETGEAR Inc.) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\drivers\NETGEAR_PLC_L2_API.dll
2014-03-24 04:32 - 2014-03-24 04:32 - 000060273 _____ (Open Source Software community project) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\pthreadGC2.dll
2020-05-18 19:10 - 2020-05-18 19:10 - 003042816 _____ (Python Software Foundation) [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI105042\python27.dll
2020-03-06 23:03 - 2020-03-06 23:19 - 001700864 _____ (SQLite Development Team) [File not signed] C:\Program Files\WindowsApps\64885BlueEdge.OneCalendar_2020.229.1.0_x64__8kea50m9krsh2\sqlite3.dll
2020-03-13 03:19 - 2020-03-13 03:19 - 001645568 _____ (SQLite Development Team) [File not signed] C:\Program Files\WindowsApps\64885BlueEdge.OneTask_2018.1124.1.0_x64__8kea50m9krsh2\sqlite3.dll
2018-12-10 10:29 - 2018-12-10 10:29 - 000438272 _____ (The curl library, hxxps://curl.haxx.se/) [File not signed] C:\Program Files\Soda PDF Desktop 11\libcurl.dll
2013-02-11 03:35 - 2013-02-11 03:35 - 001178624 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\LIBEAY32.dll
2013-02-11 03:35 - 2013-02-11 03:35 - 000269824 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\ssleay32.dll
2015-10-12 21:44 - 2015-10-12 21:44 - 000033280 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qgif.dll
2015-10-12 21:45 - 2015-10-12 21:45 - 000034816 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qico.dll
2015-10-12 21:45 - 2015-10-12 21:45 - 000246784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qjpeg.dll
2015-10-12 21:58 - 2015-10-12 21:58 - 000366592 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qmng.dll
2015-10-12 21:48 - 2015-10-12 21:48 - 000028672 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qsvg.dll
2015-10-12 21:58 - 2015-10-12 21:58 - 000027648 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qtga.dll
2015-10-12 21:58 - 2015-10-12 21:58 - 000433664 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qtiff.dll
2015-10-12 21:58 - 2015-10-12 21:58 - 000027136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qwbmp.dll
2015-10-12 21:46 - 2015-10-12 21:46 - 001413632 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\platforms\qwindows.dll
2015-10-12 21:47 - 2015-10-12 21:47 - 000044544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\printsupport\windowsprintersupport.dll
2015-11-19 06:54 - 2015-11-19 06:54 - 005391360 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Qt5Core.dll
2015-10-12 21:31 - 2015-10-12 21:31 - 005334528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Qt5Gui.dll
2015-10-12 21:26 - 2015-10-12 21:26 - 001528832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Qt5Network.dll
2015-10-12 21:42 - 2015-10-12 21:42 - 000334848 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Qt5OpenGL.dll
2016-04-13 04:52 - 2016-04-13 04:52 - 000357888 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Qt5PrintSupport.dll
2015-10-12 21:48 - 2015-10-12 21:48 - 000331776 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Qt5Svg.dll
2015-10-12 21:37 - 2015-10-12 21:37 - 006541824 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Qt5Widgets.dll
2015-10-12 21:25 - 2015-10-12 21:25 - 000237056 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Qt5Xml.dll
2017-09-14 08:37 - 2017-09-14 08:37 - 000026112 _____ (The Qt Company Ltd) [File not signed] C:\Users\Lenovo\AppData\Local\MEGAsync\imageformats\qgif.dll
2017-09-14 08:42 - 2017-09-14 08:42 - 000033280 _____ (The Qt Company Ltd) [File not signed] C:\Users\Lenovo\AppData\Local\MEGAsync\imageformats\qicns.dll
2017-09-14 08:37 - 2017-09-14 08:37 - 000027648 _____ (The Qt Company Ltd) [File not signed] C:\Users\Lenovo\AppData\Local\MEGAsync\imageformats\qico.dll
2017-09-14 08:37 - 2017-09-14 08:37 - 000245760 _____ (The Qt Company Ltd) [File not signed] C:\Users\Lenovo\AppData\Local\MEGAsync\imageformats\qjpeg.dll
2017-09-14 08:42 - 2017-09-14 08:42 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\Users\Lenovo\AppData\Local\MEGAsync\imageformats\qsvg.dll
2017-09-14 08:42 - 2017-09-14 08:42 - 000020992 _____ (The Qt Company Ltd) [File not signed] C:\Users\Lenovo\AppData\Local\MEGAsync\imageformats\qtga.dll
2017-09-14 08:42 - 2017-09-14 08:42 - 000316416 _____ (The Qt Company Ltd) [File not signed] C:\Users\Lenovo\AppData\Local\MEGAsync\imageformats\qtiff.dll
2017-09-14 08:42 - 2017-09-14 08:42 - 000019968 _____ (The Qt Company Ltd) [File not signed] C:\Users\Lenovo\AppData\Local\MEGAsync\imageformats\qwbmp.dll
2017-09-14 08:42 - 2017-09-14 08:42 - 000322560 _____ (The Qt Company Ltd) [File not signed] C:\Users\Lenovo\AppData\Local\MEGAsync\imageformats\qwebp.dll
2017-09-14 08:37 - 2017-09-14 08:37 - 001010688 _____ (The Qt Company Ltd) [File not signed] C:\Users\Lenovo\AppData\Local\MEGAsync\platforms\qwindows.dll
2020-02-06 20:13 - 2013-02-19 19:16 - 000223744 _____ (Un4seen Developments) [File not signed] C:\Program Files\Atomic Alarm Clock\bass.dll
2019-12-15 05:18 - 2011-05-26 19:20 - 000025088 _____ (Winstep Software Technologies) [File not signed] C:\Program Files (x86)\Winstep\WsxMMTimer.dll
2020-05-18 19:10 - 2020-05-18 19:10 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI105042\wxbase30u_net_vc90_x64.dll
2020-05-18 19:10 - 2020-05-18 19:10 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI105042\wxbase30u_vc90_x64.dll
2020-05-18 19:10 - 2020-05-18 19:10 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI105042\wxmsw30u_adv_vc90_x64.dll
2020-05-18 19:10 - 2020-05-18 19:10 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI105042\wxmsw30u_core_vc90_x64.dll
2020-05-18 19:10 - 2020-05-18 19:10 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI105042\wxmsw30u_html_vc90_x64.dll
2020-05-18 19:10 - 2020-05-18 19:10 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI105042\wxmsw30u_webview_vc90_x64.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:9A870F8B [268]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 09:24 - 2020-04-01 09:29 - 000001050 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 activation.acronis.com web-api-tih.acronis.com
127.0.0.1 activation.acronis.com web-api-tih.acronis.com
127.0.0.1 superantispyware.com
127.0.0.1 license.superantispyware.com
127.0.0.1 platform.wondershare.com

2019-12-11 00:22 - 2020-01-01 21:30 - 000000446 _____ C:\Windows\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter;;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Lenovo\Disk Google\FOTA\Žbytek\pozadi_desktop.png
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 0) (EnableLUA: 0)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "Acronis Scheduler2 Service"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "AcronisTibMounterMonitor"
HKLM\...\StartupApproved\Run32: => "TrueImageMonitor.exe"
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\StartupApproved\Run: => "CCXProcess"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{ECC5C0DF-C134-40A8-9601-7CBC3691B50B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{32264D73-4A5A-4A5A-9BCA-378659F18271}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B8CAF877-3F51-4C3A-B0A0-AA99D451982C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{826B3E9F-B6C6-448C-9D76-C61DCBBD9D55}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{51CD8B13-C161-4AA3-9D9C-ECCA1E9127C3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E93BA065-E320-40F8-9037-D61F84DCCA17}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8A5D56B0-A3AA-4D45-9A96-6BDA5305D721}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{CCBBDA7F-E030-4D56-B4A9-3FB611C4B13C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{69E0CBFD-18B6-4005-9FD0-A0668760395C}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe (NETGEAR TAIWAN CO., LTD -> NETGEAR Inc.)
FirewallRules: [UDP Query User{FDF815F9-202B-4C72-9DC4-2F7267662A34}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe (NETGEAR TAIWAN CO., LTD -> NETGEAR Inc.)
FirewallRules: [TCP Query User{E4B9757F-1A41-4FD0-BBAC-5AF4CEC63EEF}C:\program files\syncthing\syncthing-windows-amd64-v1.2.1\syncthing.exe] => (Allow) C:\program files\syncthing\syncthing-windows-amd64-v1.2.1\syncthing.exe (Kastelo AB -> )
FirewallRules: [UDP Query User{0AEB44B9-512C-4883-93FF-AC00848676D0}C:\program files\syncthing\syncthing-windows-amd64-v1.2.1\syncthing.exe] => (Allow) C:\program files\syncthing\syncthing-windows-amd64-v1.2.1\syncthing.exe (Kastelo AB -> )
FirewallRules: [TCP Query User{9EE078EE-93C5-4269-9E34-2E57440E1E3C}C:\program files\slimjet\slimjet.exe] => (Allow) C:\program files\slimjet\slimjet.exe (FlashPeak Inc. -> FlashPeak Inc.)
FirewallRules: [UDP Query User{249DADE6-0CED-4CA5-9CF4-3A26ECF6DAB3}C:\program files\slimjet\slimjet.exe] => (Allow) C:\program files\slimjet\slimjet.exe (FlashPeak Inc. -> FlashPeak Inc.)
FirewallRules: [{2AD33F00-D99B-4A75-B96A-0B3A2C590268}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1C653BB6-22A9-498C-9A9E-BD9FC8D11DD3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{69CC26C3-C176-4998-864F-D6238211EF3B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{594CE807-87B7-4A0C-8C3F-2CA276A9033B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{C2CA6D5F-6D93-4143-AEF8-4F567BF6B6D8}C:\users\lenovo\appdata\anydesk.exe] => (Block) C:\users\lenovo\appdata\anydesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [UDP Query User{AC70804A-2780-4E53-A515-6D72A843DCD4}C:\users\lenovo\appdata\anydesk.exe] => (Block) C:\users\lenovo\appdata\anydesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{7D2C1581-0DB3-413B-801A-8ACE91874562}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{EE542E4B-1D2E-4A70-A7D9-7E289BCB200B}C:\program files\syncthing\syncthing-windows-amd64-v1.2.1\syncthing.exe] => (Block) C:\program files\syncthing\syncthing-windows-amd64-v1.2.1\syncthing.exe (Kastelo AB -> )
FirewallRules: [UDP Query User{5F3C8115-83D4-4FD3-988B-9B5F3CBDAFA2}C:\program files\syncthing\syncthing-windows-amd64-v1.2.1\syncthing.exe] => (Block) C:\program files\syncthing\syncthing-windows-amd64-v1.2.1\syncthing.exe (Kastelo AB -> )
FirewallRules: [{FB958E14-041F-4A53-B444-57EEC02D7A60}] => (Allow) C:\Users\Lenovo\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{49D44BF3-1090-4AAA-9A6C-2AE635E315F6}] => (Allow) C:\Users\Lenovo\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (05/18/2020 07:11:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 23 155.0.168.192.in-addr.arpa. PTR DESKTOP-AJUSQ3V.local.

Error: (05/18/2020 07:11:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.0.155:5353 25 155.0.168.192.in-addr.arpa. PTR DESKTOP-AJUSQ3V-2.local.

Error: (05/18/2020 07:07:33 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5196,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\Windows\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (05/18/2020 07:01:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 23 155.0.168.192.in-addr.arpa. PTR DESKTOP-AJUSQ3V.local.

Error: (05/18/2020 07:01:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.0.155:5353 25 155.0.168.192.in-addr.arpa. PTR DESKTOP-AJUSQ3V-2.local.

Error: (05/18/2020 06:57:37 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5808,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\Windows\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (05/18/2020 06:51:09 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 23 155.0.168.192.in-addr.arpa. PTR DESKTOP-AJUSQ3V.local.

Error: (05/18/2020 06:51:09 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.0.155:5353 25 155.0.168.192.in-addr.arpa. PTR DESKTOP-AJUSQ3V-2.local.


System errors:
=============
Error: (05/18/2020 07:14:58 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba wuauserv byla ukončena s následující chybou:
Systém nemůže nalézt uvedený soubor.

Error: (05/18/2020 07:14:58 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-AJUSQ3V)
Description: Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} se v daném časovém limitu neregistroval u služby DCOM.

Error: (05/18/2020 07:12:58 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba wuauserv byla ukončena s následující chybou:
Systém nemůže nalézt uvedený soubor.

Error: (05/18/2020 07:12:58 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} se v daném časovém limitu neregistroval u služby DCOM.

Error: (05/18/2020 07:10:58 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba wuauserv byla ukončena s následující chybou:
Systém nemůže nalézt uvedený soubor.

Error: (05/18/2020 07:10:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba !SASCORE neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (05/18/2020 07:10:25 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby !SASCORE bylo dosaženo časového limitu (45000 ms).

Error: (05/18/2020 07:10:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba luafv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.


Windows Defender:
===================================
Date: 2020-03-21 22:41:36.104
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {98657F1E-8680-4CCE-94A1-A077C5F66E0C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-03-19 20:57:46.592
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {FE8D7ADF-2D72-431B-8B91-AB63E279CA6A}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-03-18 19:47:18.566
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {36D017AC-1B3D-4AA8-8D42-0564EC175D29}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-03-18 18:21:07.747
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Tiggre!rfn
ID: 2147723625
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Lenovo\AppData\Local\Temp\Kill.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-AJUSQ3V\Lenovo
Název procesu: C:\Users\Lenovo\Desktop\Patch\Patch\Acronis True Image 2020 v24 Patch.exe
Verze bezpečnostních informací: AV: 1.311.1479.0, AS: 1.311.1479.0, NIS: 1.311.1479.0
Verze modulu: AM: 1.1.16800.2, NIS: 1.1.16800.2

Date: 2020-03-18 14:17:52.463
Description:
Antivirová ochrana v programu Windows Defender zjistil podezřelé chování.
Název: Behavior:Win32/ModifiedBootRecord
ID: 504435955
Závažnost: Nízké
Kategorie: Podezřelé chování
Nalezená cesta: file:_C:\Users\Lenovo\AppData\Local\Temp\un5005.exe; process:_1932
Původ detekce: Místní počítač
Typ detekce: Podezřelý
Zdroj detekce: Ochrana v reálném čase
Stav: Provádění
Uživatel: DESKTOP-AJUSQ3V\Lenovo
Název procesu: C:\Users\Lenovo\AppData\Local\Temp\un5005.exe
ID bezpečnostních informací: 23858570787236
Verze bezpečnostních informací: AV: 1.311.1454.0, AS: 1.311.1454.0
Verze modulu: 1.1.16800.2
Štítek věrnosti: Střední
Název cílového souboru:

CodeIntegrity:
===================================

Date: 2020-05-18 19:15:21.700
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-18 19:15:21.698
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-18 19:13:35.256
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-18 19:13:35.255
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-18 19:13:02.691
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-18 19:13:02.688
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-18 19:10:55.289
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-18 19:10:55.288
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: LENOVO 7ACN24WW 06/25/2013
Motherboard: LENOVO G700
Processor: Intel(R) Core(TM) i5-3230M CPU @ 2.60GHz
Percentage of memory in use: 56%
Total physical RAM: 8071.35 MB
Available physical RAM: 3519.62 MB
Total Virtual: 16263.35 MB
Available Virtual: 10862.32 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.02 GB) (Free:214.97 GB) NTFS

\\?\Volume{d5ebbff9-0000-0000-0000-100000000000}\ () (Fixed) (Total:0.49 GB) (Free:0.46 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: D5EBBFF9)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================



Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-05-2020 01
Ran by Lenovo (administrator) on DESKTOP-AJUSQ3V (LENOVO 20251) (18-05-2020 19:14:07)
Running from C:\Users\Lenovo\Downloads
Loaded Profiles: Lenovo
Platform: Windows 10 Home Version 1903 18362.720 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\Codebox\BitMeter\BitMeter2.exe
() [File not signed] C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe
() [File not signed] C:\Program Files\Free Desktop Clock\timeserv.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\Lenovo\AppData\Roaming\uTorrent\helper\helper.exe
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\Lenovo\AppData\Roaming\uTorrent\updates\3.5.5_45574\utorrentie.exe <2>
(BitTorrent Inc -> BitTorrent Inc.) C:\Users\Lenovo\AppData\Roaming\uTorrent\uTorrent.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Code Spark) C:\Program Files\WindowsApps\64885BlueEdge.OneCalendar_2020.229.1.0_x64__8kea50m9krsh2\CalendarApp.Gui.Win10.exe
(Code Spark) C:\Program Files\WindowsApps\64885BlueEdge.OneTask_2018.1124.1.0_x64__8kea50m9krsh2\TaskApp.Gui.Win10.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <32>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Huawei Technologies Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Kastelo AB -> ) C:\Program Files\Syncthing\syncthing-windows-amd64-v1.2.1\syncthing.exe <2>
(Lenovo (Beijing) Limited -> Lenovo Group Limited) C:\Users\Lenovo\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSB.exe
(LULU Software -> LULU Software) C:\Program Files\Soda PDF Desktop 11\creator\common\creator-ws.exe
(LULU Software -> LULU Software) C:\Program Files\Soda PDF Desktop 11\updater-ws.exe
(LULU Software -> LULU Software) C:\Program Files\Soda PDF Desktop 11\ws.exe
(Mega Limited -> Mega Limited) C:\Users\Lenovo\AppData\Local\MEGAsync\MEGAsync.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12624.20212.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12624.20212.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12003.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.20022.11011.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wscript.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe <2>
(Microsoft Windows Hardware Compatibility Publisher -> Vimicro) C:\Program Files (x86)\USB Camera\VM331STI.EXE
(Mixbyte Inc -> ) C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
(Mixbyte Inc -> Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.) C:\Program Files\NETGATE\Spy Emergency\SpyEmergencyHealth.exe
(NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.) C:\Program Files\NETGATE\Spy Emergency\SpyEmergencySrv.exe
(NETGEAR TAIWAN CO., LTD -> ) C:\Program Files (x86)\NETGEAR Genie\bin\genie2_tray.exe
(NETGEAR TAIWAN CO., LTD -> NETGEAR Inc.) C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(NZXT, Inc. -> ) C:\Program Files\NZXT CAM\resources\app.asar.unpacked\node_modules\@nzxt\rust-cam\dist\native\target\release\service.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Users\Lenovo\AppData\Roaming\Oracle\bin\java.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Users\Lenovo\AppData\Roaming\Oracle\bin\javaw.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Winstep Software Technologies) [File not signed] C:\Program Files (x86)\Winstep\Nexus-Ultimate.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3022416 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [571928 2015-09-03] (Microsoft Windows Hardware Compatibility Publisher -> Vimicro)
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [240512 2019-12-27] (Mixbyte Inc -> )
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2084920 2019-09-27] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5641776 2020-05-04] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646776 2020-03-12] (Oracle America, Inc. -> Oracle Corporation)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKLM\Software\Policies\Microsoft\Windows NT\SystemRestore: [DisableSR/DisableConfig] <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\Run: [OneDrive] => C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe [1582952 2020-05-12] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [48214752 2020-04-06] (Google LLC -> )
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\Run: [Nexus] => [X]
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\Run: [Nexus-Ultimate] => C:\Program Files (x86)\Winstep\Nexus-Ultimate.exe [14558848 2011-10-11] (Winstep Software Technologies) [File not signed]
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\Run: [NETGEARGenie] => C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe [610904 2018-07-23] (NETGEAR TAIWAN CO., LTD -> NETGEAR Inc.)
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\Run: [AtomicAlarmClock6] => C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe [5321728 2016-08-16] () [File not signed]
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [597640 2020-02-07] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [5417008 2020-05-04] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [9230256 2020-03-14] (Support.com Inc -> SUPERAntiSpyware)
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\Run: [uTorrent] => C:\Users\Lenovo\AppData\Roaming\uTorrent\uTorrent.exe [2073328 2020-02-18] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\Run: [bvCkqlDgKUt] => "C:\Users\Lenovo\AppData\Roaming\Oracle\bin\javaw.exe" -jar "C:\Users\Lenovo\PTCVWyAJvEp\XWHPSJfipJk.zbJXrg"
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [27775672 2020-05-01] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\Policies\system: [DISABLETASKMGR] 2
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\MountPoints2: {286bab2a-9206-11ea-b900-1c3e84e103cc} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\MountPoints2: {286bad11-9206-11ea-b900-1c3e84e103cc} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\MountPoints2: {617a45cc-77be-11ea-b8fb-1c3e84e103cc} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\MountPoints2: {ef0c3d1e-92c1-11ea-b901-1c3e84e103cc} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\MountPoints2: {f00e25ed-4d2a-11ea-b8e0-1c3e84e103cc} - "E:\HiSuiteDownLoader.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.138\Installer\chrmstp.exe [2020-05-06] (Google LLC -> Google LLC)
IFEO\acs.exe: [Debugger] svchost.exe
IFEO\AdAwareDesktop.exe: [Debugger] svchost.exe
IFEO\AdAwareService.exe: [Debugger] svchost.exe
IFEO\AdAwareTray.exe: [Debugger] svchost.exe
IFEO\AgentSvc.exe: [Debugger] svchost.exe
IFEO\AVK.exe: [Debugger] svchost.exe
IFEO\AVKProxy.exe: [Debugger] svchost.exe
IFEO\AVKService.exe: [Debugger] svchost.exe
IFEO\AVKTray.exe: [Debugger] svchost.exe
IFEO\AVKWCtlx64.exe: [Debugger] svchost.exe
IFEO\avpmapp.exe: [Debugger] svchost.exe
IFEO\av_task.exe: [Debugger] svchost.exe
IFEO\Bav.exe: [Debugger] svchost.exe
IFEO\bavhm.exe: [Debugger] svchost.exe
IFEO\BavSvc.exe: [Debugger] svchost.exe
IFEO\BavTray.exe: [Debugger] svchost.exe
IFEO\BavUpdater.exe: [Debugger] svchost.exe
IFEO\BavWebClient.exe: [Debugger] svchost.exe
IFEO\BDSSVC.EXE: [Debugger] svchost.exe
IFEO\BgScan.exe: [Debugger] svchost.exe
IFEO\BullGuard.exe: [Debugger] svchost.exe
IFEO\BullGuardBhvScanner.exe: [Debugger] svchost.exe
IFEO\BullGuardUpdate.exe: [Debugger] svchost.exe
IFEO\BullGuarScanner.exe: [Debugger] svchost.exe
IFEO\capinfos.exe: [Debugger] svchost.exe
IFEO\cavwp.exe: [Debugger] svchost.exe
IFEO\CertReg.exe: [Debugger] svchost.exe
IFEO\cis.exe: [Debugger] svchost.exe
IFEO\CisTray.exe: [Debugger] svchost.exe
IFEO\clamscan.exe: [Debugger] svchost.exe
IFEO\ClamTray.exe: [Debugger] svchost.exe
IFEO\ClamWin.exe: [Debugger] svchost.exe
IFEO\cmdagent.exe: [Debugger] svchost.exe
IFEO\ConfigSecurityPolicy.exe: [Debugger] svchost.exe
IFEO\CONSCTLX.EXE: [Debugger] svchost.exe
IFEO\coreFrameworkHost.exe: [Debugger] svchost.exe
IFEO\coreServiceShell.exe: [Debugger] svchost.exe
IFEO\dragon_updater.exe: [Debugger] svchost.exe
IFEO\dumpcap.exe: [Debugger] svchost.exe
IFEO\econceal.exe: [Debugger] svchost.exe
IFEO\econser.exe: [Debugger] svchost.exe
IFEO\editcap.exe: [Debugger] svchost.exe
IFEO\EMLPROXY.EXE: [Debugger] svchost.exe
IFEO\escanmon.exe: [Debugger] svchost.exe
IFEO\escanpro.exe: [Debugger] svchost.exe
IFEO\fcappdb.exe: [Debugger] svchost.exe
IFEO\FCDBlog.exe: [Debugger] svchost.exe
IFEO\FCHelper64.exe: [Debugger] svchost.exe
IFEO\FilMsg.exe: [Debugger] svchost.exe
IFEO\FilUp.exe: [Debugger] svchost.exe
IFEO\filwscc.exe: [Debugger] svchost.exe
IFEO\fmon.exe: [Debugger] svchost.exe
IFEO\FortiClient.exe: [Debugger] svchost.exe
IFEO\FortiClient_Diagnostic_Tool.exe: [Debugger] svchost.exe
IFEO\FortiESNAC.exe: [Debugger] svchost.exe
IFEO\FortiFW.exe: [Debugger] svchost.exe
IFEO\FortiProxy.exe: [Debugger] svchost.exe
IFEO\FortiSSLVPNdaemon.exe: [Debugger] svchost.exe
IFEO\FortiTray.exe: [Debugger] svchost.exe
IFEO\FPAVServer.exe: [Debugger] svchost.exe
IFEO\FProtTray.exe: [Debugger] svchost.exe
IFEO\FPWin.exe: [Debugger] svchost.exe
IFEO\freshclam.exe: [Debugger] svchost.exe
IFEO\freshclamwrap.exe: [Debugger] svchost.exe
IFEO\fsgk32.exe: [Debugger] svchost.exe
IFEO\FSHDLL64.exe: [Debugger] svchost.exe
IFEO\fshoster32.exe: [Debugger] svchost.exe
IFEO\FSM32.EXE: [Debugger] svchost.exe
IFEO\FSMA32.EXE: [Debugger] svchost.exe
IFEO\fsorsp.exe: [Debugger] svchost.exe
IFEO\fssm32.exe: [Debugger] svchost.exe
IFEO\GdBgInx64.exe: [Debugger] svchost.exe
IFEO\GDKBFltExe32.exe: [Debugger] svchost.exe
IFEO\GDSC.exe: [Debugger] svchost.exe
IFEO\GDScan.exe: [Debugger] svchost.exe
IFEO\guardxkickoff_x64.exe: [Debugger] svchost.exe
IFEO\guardxservice.exe: [Debugger] svchost.exe
IFEO\iptray.exe: [Debugger] svchost.exe
IFEO\K7AVScan.exe: [Debugger] svchost.exe
IFEO\K7CrvSvc.exe: [Debugger] svchost.exe
IFEO\K7EmlPxy.EXE: [Debugger] svchost.exe
IFEO\K7FWSrvc.exe: [Debugger] svchost.exe
IFEO\K7PSSrvc.exe: [Debugger] svchost.exe
IFEO\K7RTScan.exe: [Debugger] svchost.exe
IFEO\K7SysMon.Exe: [Debugger] svchost.exe
IFEO\K7TSecurity.exe: [Debugger] svchost.exe
IFEO\K7TSMain.exe: [Debugger] svchost.exe
IFEO\K7TSMngr.exe: [Debugger] svchost.exe
IFEO\LittleHook.exe: [Debugger] svchost.exe
IFEO\mbam.exe: [Debugger] svchost.exe
IFEO\mbamscheduler.exe: [Debugger] svchost.exe
IFEO\mbamservice.exe: [Debugger] svchost.exe
IFEO\MCS-Uninstall.exe: [Debugger] svchost.exe
IFEO\MCShieldCCC.exe: [Debugger] svchost.exe
IFEO\MCShieldDS.exe: [Debugger] svchost.exe
IFEO\MCShieldRTM.exe: [Debugger] svchost.exe
IFEO\mergecap.exe: [Debugger] svchost.exe
IFEO\MpCmdRun.exe: [Debugger] svchost.exe
IFEO\MpUXSrv.exe: [Debugger] svchost.exe
IFEO\MSASCui.exe: [Debugger] svchost.exe
IFEO\MsMpEng.exe: [Debugger] svchost.exe
IFEO\MWAGENT.EXE: [Debugger] svchost.exe
IFEO\MWASER.EXE: [Debugger] svchost.exe
IFEO\nanoav.exe: [Debugger] svchost.exe
IFEO\nanosvc.exe: [Debugger] svchost.exe
IFEO\nbrowser.exe: [Debugger] svchost.exe
IFEO\nfservice.exe: [Debugger] svchost.exe
IFEO\NisSrv.exe: [Debugger] svchost.exe
IFEO\njeeves2.exe: [Debugger] svchost.exe
IFEO\nnf.exe: [Debugger] svchost.exe
IFEO\nprosec.exe: [Debugger] svchost.exe
IFEO\NS.exe: [Debugger] svchost.exe
IFEO\nseupdatesvc.exe: [Debugger] svchost.exe
IFEO\nvcod.exe: [Debugger] svchost.exe
IFEO\nvcsvc.exe: [Debugger] svchost.exe
IFEO\nvoy.exe: [Debugger] svchost.exe
IFEO\nwscmon.exe: [Debugger] svchost.exe
IFEO\ONLINENT.EXE: [Debugger] svchost.exe
IFEO\OPSSVC.EXE: [Debugger] svchost.exe
IFEO\op_mon.exe: [Debugger] svchost.exe
IFEO\ProcessHacker.exe: [Debugger] svchost.exe
IFEO\procexp.exe: [Debugger] svchost.exe
IFEO\PSANHost.exe: [Debugger] svchost.exe
IFEO\PSUAMain.exe: [Debugger] svchost.exe
IFEO\PSUAService.exe: [Debugger] svchost.exe
IFEO\psview.exe: [Debugger] svchost.exe
IFEO\PtSessionAgent.exe: [Debugger] svchost.exe
IFEO\PtSvcHost.exe: [Debugger] svchost.exe
IFEO\PtWatchDog.exe: [Debugger] svchost.exe
IFEO\quamgr.exe: [Debugger] svchost.exe
IFEO\QUHLPSVC.EXE: [Debugger] svchost.exe
IFEO\rawshark.exe: [Debugger] svchost.exe
IFEO\SAPISSVC.EXE: [Debugger] svchost.exe
IFEO\SASCore64.exe: [Debugger] svchost.exe
IFEO\SASTask.exe: [Debugger] svchost.exe
IFEO\SBAMSvc.exe: [Debugger] svchost.exe
IFEO\SBAMTray.exe: [Debugger] svchost.exe
IFEO\SBPIMSvc.exe: [Debugger] svchost.exe
IFEO\SCANNER.EXE: [Debugger] svchost.exe
IFEO\SCANWSCS.EXE: [Debugger] svchost.exe
IFEO\schmgr.exe: [Debugger] svchost.exe
IFEO\scproxysrv.exe: [Debugger] svchost.exe
IFEO\ScSecSvc.exe: [Debugger] svchost.exe
IFEO\SDFSSvc.exe: [Debugger] svchost.exe
IFEO\SDScan.exe: [Debugger] svchost.exe
IFEO\SDTray.exe: [Debugger] svchost.exe
IFEO\SDWelcome.exe: [Debugger] svchost.exe
IFEO\SSUpdate64.exe: [Debugger] svchost.exe
IFEO\SUPERAntiSpyware.exe: [Debugger] svchost.exe
IFEO\SUPERDelete.exe: [Debugger] svchost.exe
IFEO\Taskmgr.exe: [Debugger] svchost.exe
IFEO\text2pcap.exe: [Debugger] svchost.exe
IFEO\TRAYICOS.EXE: [Debugger] svchost.exe
IFEO\TRAYSSER.EXE: [Debugger] svchost.exe
IFEO\trigger.exe: [Debugger] svchost.exe
IFEO\tshark.exe: [Debugger] svchost.exe
IFEO\twsscan.exe: [Debugger] svchost.exe
IFEO\twssrv.exe: [Debugger] svchost.exe
IFEO\uiSeAgnt.exe: [Debugger] svchost.exe
IFEO\uiUpdateTray.exe: [Debugger] svchost.exe
IFEO\uiWatchDog.exe: [Debugger] svchost.exe
IFEO\uiWinMgr.exe: [Debugger] svchost.exe
IFEO\UnThreat.exe: [Debugger] svchost.exe
IFEO\UserAccountControlSettings.exe: [Debugger] svchost.exe
IFEO\UserReg.exe: [Debugger] svchost.exe
IFEO\utsvc.exe: [Debugger] svchost.exe
IFEO\V3Main.exe: [Debugger] svchost.exe
IFEO\V3Medic.exe: [Debugger] svchost.exe
IFEO\V3Proxy.exe: [Debugger] svchost.exe
IFEO\V3SP.exe: [Debugger] svchost.exe
IFEO\V3Svc.exe: [Debugger] svchost.exe
IFEO\V3Up.exe: [Debugger] svchost.exe
IFEO\VIEWTCP.EXE: [Debugger] svchost.exe
IFEO\VIPREUI.exe: [Debugger] svchost.exe
IFEO\virusutilities.exe: [Debugger] svchost.exe
IFEO\WebCompanion.exe: [Debugger] svchost.exe
IFEO\wireshark.exe: [Debugger] svchost.exe
IFEO\Zanda.exe: [Debugger] svchost.exe
IFEO\Zlh.exe: [Debugger] svchost.exe
IFEO\zlhh.exe: [Debugger] svchost.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bitmeter2.lnk [2020-01-13]
ShortcutTarget: Bitmeter2.lnk -> C:\Program Files (x86)\Codebox\BitMeter\BitMeter2.exe () [File not signed]
InternetURL: C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IyJtAZtWgF.url -> URL: "file:///C:\ProgramData\TePmHeashU\svchost.exe"
Startup: C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2020-02-29]
ShortcutTarget: MEGAsync.lnk -> C:\Users\Lenovo\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)
Startup: C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\One Calendar.lnk [2020-03-13]
ShortcutTarget: One Calendar.lnk -> (No File)
Startup: C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\One Task.lnk [2020-03-13]
ShortcutTarget: One Task.lnk -> (No File)
Startup: C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\syncthing.exe – zástupce.lnk [2020-03-09]
ShortcutTarget: syncthing.exe – zástupce.lnk -> C:\Program Files\Syncthing\syncthing-windows-amd64-v1.2.1\syncthing.exe (Kastelo AB -> )
Startup: C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Vista.ini.lnk [2020-05-18]
ShortcutTarget: Vista.ini.lnk -> C:\Users\Lenovo\AppData\Vista.js () [File not signed]
Startup: C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\windowsupdate.lnk [2020-05-08]
ShortcutAndArgument: windowsupdate.lnk -> C:\Windows\system32\wscript.exe => /E:jscript "C:\Users\Lenovo\AppData\Roaming\windowsupdate" wscript.exe/erMoEJ6JdZJWUfytaXCbqIhg2

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {029293AC-5946-4948-9534-A54B47F345D5} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {10BB8719-F4F5-4CDD-96BD-36EAF11734E2} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-05-01] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {155A9008-17E0-4D6A-BD0E-901E98278445} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3022416 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {19507FD4-2017-469D-B214-86497FC0BB41} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-760426430-1322398698-3842268529-1001 => C:\Users\Lenovo\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [88360 2020-05-13] (Lenovo (Beijing) Limited -> Lenovo Group Limited)
Task: {23FA26BB-C039-4F85-A5B3-F0136F87928D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.6-0\MpCmdRun.exe [480272 2020-03-20] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2F335A4F-80E8-4411-93C8-E5FE62321694} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-28] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {385DC512-6B48-450A-9A0D-FCFA9AAFF7F5} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913720 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3B214E58-39E1-4C7C-BE90-A66AB50B9BB9} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-28] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3B3A6579-E11F-4DAF-A365-9096252B8E14} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {44AFAA77-0F1A-4E28-857C-C180BC35E62F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {51468BEE-AC0A-4A49-BCCC-4D736A590B9E} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [654456 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5846F0E5-0884-470C-BD0B-F6BF74C3B9B8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.6-0\MpCmdRun.exe [480272 2020-03-20] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5C4D55AE-D06D-45BC-A96C-44BDE8187243} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.6-0\MpCmdRun.exe [480272 2020-03-20] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6D2C3372-83D8-494D-A1FE-B15D0454D774} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [23571128 2020-05-01] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {766E348E-5F74-438F-9D66-D5C8B72E952C} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913720 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {78009D8F-5624-421B-8AFA-5E2E8FA413A0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-12-10] (Google Inc -> Google LLC)
Task: {85319050-528F-4B2F-80A6-044395A733E9} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {983C1DF4-D772-4280-9DB2-B6698167FE3E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-12-10] (Google Inc -> Google LLC)
Task: {BA1E06EA-A545-437B-B4DE-AA82D3DCCF52} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files (x86)\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [2734968 2020-05-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {C03BB4C7-0B1B-4775-8E95-0D1F1859E7DE} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301928 2019-10-25] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CC22BB48-95E3-43D5-97E9-B9A3DE77D9AB} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DE2AA4F3-D094-4B05-A85E-FE8DFD096B93} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.6-0\MpCmdRun.exe [480272 2020-03-20] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {EB81E3CB-AB5A-4AFD-A222-C7C96480FA00} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [.DEFAULT] => Proxy is enabled.
ProxyServer: [.DEFAULT] => 127.0.0.1:8080
ProxyEnable: [S-1-5-19] => Proxy is enabled.
ProxyServer: [S-1-5-19] => 127.0.0.1:8080
ProxyEnable: [S-1-5-20] => Proxy is enabled.
ProxyServer: [S-1-5-20] => 127.0.0.1:8080
ProxyEnable: [S-1-5-21-760426430-1322398698-3842268529-1001] => Proxy is enabled.
ProxyServer: [S-1-5-21-760426430-1322398698-3842268529-1001] => 127.0.0.1:8080
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-31] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-31] (Apple Inc. -> Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{492b48f8-e2f8-4dbb-99e5-140c600e4a94}: [DhcpNameServer] 192.168.150.237 192.168.3.1
Tcpip\..\Interfaces\{d22bb9ac-ab75-40ee-9000-0d9611b37417}: [DhcpNameServer] 192.168.0.1
ManualProxies: 1127.0.0.1:8080

Internet Explorer:
==================
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/cs-cz/?ocid=iehp
BHO: Soda PDF Desktop 11 Helper -> {9703de71-ce0d-11e8-9c83-40167e6e7313} -> C:\Program Files\Soda PDF Desktop 11\creator\plugins\IEAddin\creator-ie-helper.dll [2019-01-21] (LULU Software -> LULU Software)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\ssv.dll [2020-04-17] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Soda PDF Desktop 11 Helper -> {9703de71-ce0d-11e8-9c83-40167e6e7313} -> C:\Program Files (x86)\Soda PDF Desktop 11\creator\plugins\IEAddin\creator-ie-helper.dll [2019-01-21] (LULU Software -> LULU Software)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\jp2ssv.dll [2020-04-17] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Soda PDF Desktop 11 Toolbar - {970516f0-ce0d-11e8-8baa-40167e6e7313} - C:\Program Files\Soda PDF Desktop 11\creator\plugins\IEAddin\creator-ie-plugin.dll [2019-01-21] (LULU Software -> LULU Software)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Soda PDF Desktop 11 Toolbar - {970516f0-ce0d-11e8-8baa-40167e6e7313} - C:\Program Files (x86)\Soda PDF Desktop 11\creator\plugins\IEAddin\creator-ie-plugin.dll [2019-01-21] (LULU Software -> LULU Software)
IE Session Restore: HKU\S-1-5-21-760426430-1322398698-3842268529-1001 -> is enabled.

Edge:
======
DownloadDir: C:\Users\Lenovo\Downloads

FireFox:
========
FF DefaultProfile: v8ckfixm.default
FF ProfilePath: C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\v8ckfixm.default [2020-05-16]
FF ProfilePath: C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\tgjsky57.default-release [2020-05-18]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2020-02-04]
FF HKLM\...\Firefox\Extensions: [soda_pdf_desktop_11_conv_v.4@sodapdf.com] - C:\Program Files\Soda PDF Desktop 11\creator\plugins\FirefoxAddin\soda_pdf_desktop_11_conv_v.4@sodapdf.com.xpi
FF Extension: (Soda PDF Desktop 11 Creator) - C:\Program Files\Soda PDF Desktop 11\creator\plugins\FirefoxAddin\soda_pdf_desktop_11_conv_v.4@sodapdf.com.xpi [2019-01-17]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF HKLM-x32\...\Firefox\Extensions: [soda_pdf_desktop_11_conv_v.4@sodapdf.com] - C:\Program Files\Soda PDF Desktop 11\creator\plugins\FirefoxAddin\soda_pdf_desktop_11_conv_v.4@sodapdf.com.xpi
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2019-09-27] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.251.2 -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\dtplugin\npDeployJava1.dll [2020-04-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.251.2 -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\plugin2\npjp2.dll [2020-04-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2020-05-04] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-04] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2019-09-27] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: Soda PDF Desktop 11 -> C:\Program Files (x86)\Soda PDF Desktop 11\np-previewer.dll [2019-01-21] (LULU Software -> LULU Software)

Chrome:
=======
CHR Profile: C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default [2020-05-18]
CHR Notifications: Default -> hxxps://aukro.cz; hxxps://calendar.google.com; hxxps://drive.google.com; hxxps://fastshare.cz; hxxps://www.namaximum.cz
CHR HomePage: Default -> hxxp://www.google.cz/
CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxp://www.google.com ... oogle.com/"
CHR Session Restore: Default -> is enabled.
CHR Extension: (Prezentace) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-12-10]
CHR Extension: (Dokumenty) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-12-10]
CHR Extension: (Disk Google) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-12-10]
CHR Extension: (YouTube) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-12-10]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-04-08]
CHR Extension: (Click to Tab) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ebicmkkcnhdiglneianohfjapmanjoek [2020-03-15]
CHR Extension: (Adobe Acrobat) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-02-28]
CHR Extension: (Feedly Notifier) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\egikgfbhipinieabdmcpigejkaomgjgb [2020-04-21]
CHR Extension: (Tabulky) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-12-10]
CHR Extension: (Save as Shortcut) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\flehofiklehmnnolpjcamplcnmhgcbkk [2019-12-10]
CHR Extension: (Dokumenty Google offline) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-04-28]
CHR Extension: (Inoreader - RSS, News and Social Reader) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhglljfmpijadbpkalkclnhlncncdono [2019-12-10]
CHR Extension: (Tab Activate) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlmadbnpnnolpaljadgakjilggigioaj [2020-03-15]
CHR Extension: (Save as PDF) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpdjmbiefanbdgnkcikhllpmjnnllbbc [2019-12-10]
CHR Extension: (gLinks) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\leanhbopikglhiejeckmchmobphcpphm [2019-12-10]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2019-12-10]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-12-10]
CHR Extension: (Gmail) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-12-10]
CHR Extension: (Chrome Media Router) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-28]
CHR HKU\S-1-5-21-760426430-1322398698-3842268529-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo]
CHR HKU\S-1-5-21-760426430-1322398698-3842268529-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-31] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
R2 478A5347; C:\ProgramData\478A5347\B79C6115.dll [1117696 2020-05-16] () [File not signed]
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [823352 2019-09-27] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3374160 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3103824 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AtomicAlarmClock; C:\Program Files\Free Desktop Clock\timeserv.exe [2007040 2013-04-24] () [File not signed]
R2 CAMService; C:\Program Files\NZXT CAM\resources\app.asar.unpacked\node_modules\@nzxt\rust-cam\dist\native\target\release\service.exe [553600 2020-04-01] (NZXT, Inc. -> )
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-07] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
S3 FileSyncHelper; C:\Program Files (x86)\Microsoft OneDrive\FileSyncHelper.exe [2150248 2020-05-12] (Microsoft Corporation -> Microsoft Corporation)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [81280 2019-12-27] (Mixbyte Inc -> Freemake)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2020-01-15] (FUTUREMARK INC -> Futuremark)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2019-12-27] (Huawei Technologies Co., Ltd. -> ) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [337888 2016-05-04] (Intel(R) pGFX -> Intel Corporation)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-03-13] (Malwarebytes Inc -> Malwarebytes)
S3 NETGEARGenieDaemon; C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [233456 2017-07-04] (Netgear Incorporated -> NETGEAR)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-28] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-28] (NVIDIA Corporation -> NVIDIA Corporation)
S3 OneDrive Updater Service; C:\Program Files (x86)\Microsoft OneDrive\OneDriveUpdaterService.exe [2509688 2020-05-12] (Microsoft Corporation -> Microsoft Corporation)
R3 Soda PDF Desktop 11; C:\Program Files\Soda PDF Desktop 11\ws.exe [2465096 2019-01-21] (LULU Software -> LULU Software)
R2 Soda PDF Desktop 11 Creator; C:\Program Files\Soda PDF Desktop 11\creator\common\creator-ws.exe [720200 2019-01-21] (LULU Software -> LULU Software)
R2 Soda PDF Desktop 11 Update Service; C:\Program Files\Soda PDF Desktop 11\updater-ws.exe [1764680 2019-01-21] (LULU Software -> LULU Software)
R2 SpyEmrgHealth; C:\Program Files\NETGATE\Spy Emergency\SpyEmergencyHealth.exe [378568 2019-11-16] (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.)
R2 SpyEmrgSrv; C:\Program Files\NETGATE\Spy Emergency\SpyEmergencySrv.exe [3315400 2019-11-16] (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.)
R2 TermService; C:\Windows\branding\mediasrv.png [56320 2014-11-11] (important) [File not signed] <==== ATTENTION (no ServiceDLL)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.6-0\NisSrv.exe [3294680 2020-03-20] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\Video Converter Ultimate(CPC)\Transfer\DriverInstall.exe [112560 2020-03-25] (Wondershare Technology Co.,Ltd -> Wondershare)
S3 wuauserv; C:\Windows\system32\svchost.exe [53744 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 wuauserv; C:\Windows\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2019-12-27] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 L1C; C:\Windows\System32\drivers\L1C63x64.sys [121344 2019-03-19] (Microsoft Windows -> Qualcomm Atheros Co., Ltd.)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [20936 2020-03-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R2 NPF; C:\WINDOWS\system32\drivers\npf.sys [35344 2020-01-02] (CACE Technologies, Inc. -> CACE Technologies, Inc.)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvltwu.inf_amd64_0221ce4ec0827f74\nvlddmkm.sys [14190520 2017-01-17] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-07-23] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [69840 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [75600 2019-08-23] (NVIDIA Corporation -> NVIDIA Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SpyEmrg; C:\Windows\System32\Drivers\spyemrg.sys [17608 2019-11-16] (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.)
S3 SpyEmrgAccess; C:\Windows\System32\Drivers\spyemrg_access.sys [24776 2019-11-16] (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.)
R3 SpyEmrgGuard; C:\Windows\System32\Drivers\spyemrg_guard.sys [19656 2019-11-16] (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.)
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [648872 2015-09-03] (Microsoft Windows Hardware Compatibility Publisher -> Vimicro Corporation)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [45960 2020-03-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [391392 2020-03-20] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [59104 2020-03-20] (Microsoft Windows -> Microsoft Corporation)
S0 fltsrv; system32\DRIVERS\fltsrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-05-18 19:14 - 2020-05-18 19:14 - 000046216 _____ C:\Users\Lenovo\Downloads\FRST.txt
2020-05-18 19:13 - 2020-05-18 19:14 - 000000000 ____D C:\FRST
2020-05-18 19:13 - 2020-05-18 19:13 - 002286080 _____ (Farbar) C:\Users\Lenovo\Downloads\FRST64.exe
2020-05-18 17:54 - 2020-05-18 17:54 - 000000000 ____D C:\rsit
2020-05-18 17:54 - 2020-05-18 17:54 - 000000000 ____D C:\Program Files\trend micro
2020-05-18 17:53 - 2020-05-18 17:53 - 001222144 _____ C:\Users\Lenovo\Downloads\RSITx64.exe
2020-05-18 12:43 - 2020-05-18 12:43 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\rfxvmt.dll
2020-05-18 12:39 - 2020-05-18 12:40 - 002667520 _____ (Icons8-Ios7-Household-Mouse-Trap-Mouse may) C:\Users\Public\signed.exe
2020-05-17 19:24 - 2020-05-17 22:38 - 000000000 ____D C:\Users\Lenovo\AppData\Local\Opera Software
2020-05-17 19:23 - 2020-05-17 22:38 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Opera Software
2020-05-17 19:22 - 2020-05-17 19:22 - 000000897 _____ C:\Users\Lenovo\Desktop\µTorrent.lnk
2020-05-17 13:14 - 2020-05-17 13:14 - 000007413 _____ C:\Users\Lenovo\AppData\Roaming\ID.js
2020-05-16 20:39 - 2020-05-18 19:10 - 000000000 __RHD C:\ProgramData\478A5347
2020-05-16 20:38 - 2020-05-16 20:38 - 001119232 _____ C:\Users\Lenovo\AppData\Roaming\notepad.exe
2020-05-16 14:29 - 2020-05-18 19:11 - 000000882 _____ C:\Windows\SysWOW64\test.txt
2020-05-16 13:35 - 2020-05-16 14:30 - 000002030 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
2020-05-16 09:42 - 2020-05-16 09:42 - 000001060 _____ C:\Users\Public\Desktop\HiSuite.lnk
2020-05-16 09:42 - 2020-05-16 09:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HiSuite
2020-05-16 09:41 - 2020-05-16 09:42 - 000000000 ____D C:\Program Files (x86)\HiSuite
2020-05-15 14:00 - 2020-05-15 14:00 - 000490846 _____ C:\Users\Lenovo\AppData\Roaming\oicxmzkagb.txt
2020-05-15 13:51 - 2020-05-15 13:51 - 000490846 _____ C:\Users\Lenovo\AppData\Roaming\jbghuhqrms.txt
2020-05-15 13:51 - 2020-05-15 13:51 - 000000000 ___HD C:\Users\Lenovo\PTCVWyAJvEp
2020-05-15 13:51 - 2020-05-15 13:51 - 000000000 ____D C:\Users\Lenovo\fUTkALeaTxM
2020-05-15 13:51 - 2020-05-15 13:51 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Oracle
2020-05-15 08:46 - 2020-05-15 08:46 - 000001216 _____ C:\Users\Lenovo\Desktop\MemTest64.exe – zástupce.lnk
2020-05-14 17:35 - 2020-05-17 13:14 - 000007413 _____ C:\Users\Lenovo\AppData\Vista.js
2020-05-14 17:15 - 2020-05-14 17:15 - 000000000 ____D C:\Wondershare UniConverter
2020-05-14 17:15 - 2020-05-14 17:15 - 000000000 ____D C:\Program Files (x86)\WondershareUpdate
2020-05-14 17:13 - 2020-05-15 13:56 - 000000000 ____D C:\Users\Lenovo\AppData\Local\Wondershare
2020-05-14 17:13 - 2020-05-15 13:55 - 000000000 ____D C:\ProgramData\Wondershare
2020-05-14 17:13 - 2020-05-15 13:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2020-05-14 17:13 - 2020-05-15 13:55 - 000000000 ____D C:\Program Files (x86)\Wondershare
2020-05-14 17:13 - 2020-05-14 17:13 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\TransferSupport
2020-05-14 17:13 - 2020-05-14 17:13 - 000000000 ____D C:\ProgramData\Wondershare MediaServer
2020-05-14 17:13 - 2020-05-14 17:13 - 000000000 ____D C:\ProgramData\GraphicsType
2020-05-14 17:10 - 2020-05-15 13:56 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2020-05-13 11:46 - 2020-05-13 12:15 - 002147131 _____ C:\Users\Lenovo\Desktop\Karlův moučník.odt
2020-05-12 21:52 - 2020-05-12 21:52 - 000000000 ___HD C:\OneDriveTemp
2020-05-12 15:02 - 2020-05-15 08:36 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\AIMP
2020-05-12 15:02 - 2020-05-12 15:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP
2020-05-12 15:02 - 2020-05-12 15:02 - 000000000 ____D C:\Program Files (x86)\AIMP
2020-05-11 14:37 - 2020-05-11 14:50 - 000921440 _____ C:\Users\Lenovo\Desktop\Nepečený pamlsek.odt
2020-05-10 15:27 - 2020-05-18 19:11 - 000000000 ____D C:\Users\Lenovo\AppData\LocalLow\uTorrent
2020-05-10 14:51 - 2020-05-10 15:40 - 000000000 ____D C:\Users\Lenovo\Documents\HiSuite
2020-05-10 14:51 - 2020-05-10 14:51 - 000000000 ____D C:\Users\Lenovo\.android
2020-05-10 14:50 - 2020-05-16 09:41 - 000000000 ____D C:\Users\Lenovo\AppData\Local\HiSuite
2020-05-10 14:50 - 2019-12-27 04:18 - 002152176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFUpdate_01009.dll
2020-05-10 14:50 - 2019-12-27 04:18 - 001721576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfCoInstaller01009.dll
2020-05-10 14:50 - 2019-12-27 04:18 - 001002728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winusbcoinstaller2.dll
2020-05-10 14:50 - 2019-12-27 04:18 - 000287232 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\hw_quusbnet.sys
2020-05-10 14:50 - 2019-12-27 04:18 - 000226560 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\hw_quusbmdm.sys
2020-05-10 14:50 - 2019-12-27 04:18 - 000127360 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\hw_cdcacm.sys
2020-05-10 14:50 - 2019-12-27 04:18 - 000116864 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\hw_usbdev.sys
2020-05-10 14:50 - 2019-12-27 04:18 - 000018944 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_usbccgpfilter.sys
2020-05-08 00:48 - 2020-05-06 22:52 - 000177620 _____ C:\Users\Lenovo\AppData\Roaming\windowsupdate
2020-05-02 07:26 - 2020-05-02 07:27 - 000000000 ____D C:\Users\Lenovo\Desktop\FreemakeVideoDownloader_3.8.3.5
2020-05-01 19:49 - 2020-05-01 21:49 - 000000000 ____D C:\Users\Lenovo\Desktop\MemTest86.8.3
2020-05-01 19:18 - 2020-05-13 07:04 - 000000000 ____D C:\Users\Lenovo\Desktop\Freemake Video Converter 4.1.10.491 Multilingual
2020-04-28 23:46 - 2020-05-15 16:54 - 000000000 ____D C:\Windows\Minidump

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-05-18 19:15 - 2020-01-13 23:38 - 000000000 ____D C:\ProgramData\Bitmeter2
2020-05-18 19:15 - 2019-12-15 04:11 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\uTorrent
2020-05-18 19:12 - 2019-11-27 19:51 - 000000000 ____D C:\ProgramData\NVIDIA
2020-05-18 19:11 - 2020-01-02 23:10 - 000000000 ____D C:\Users\Lenovo\AppData\Local\NETGEARGenie
2020-05-18 19:11 - 2019-12-15 04:12 - 000000000 ____D C:\Users\Lenovo\AppData\Local\BitTorrentHelper
2020-05-18 19:11 - 2019-11-27 19:47 - 000000000 ___RD C:\Users\Lenovo\OneDrive
2020-05-18 19:10 - 2019-12-12 05:26 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-05-18 19:10 - 2019-11-27 20:03 - 000000000 __SHD C:\Users\Lenovo\IntelGraphicsProfiles
2020-05-18 19:10 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-05-18 19:10 - 2019-03-19 06:37 - 001572864 _____ C:\Windows\system32\config\BBI
2020-05-18 19:04 - 2019-03-19 13:55 - 000718198 _____ C:\Windows\system32\perfh005.dat
2020-05-18 19:04 - 2019-03-19 13:55 - 000145242 _____ C:\Windows\system32\perfc005.dat
2020-05-18 19:04 - 2019-03-19 06:50 - 000000000 ____D C:\Windows\INF
2020-05-18 19:04 - 2016-04-27 08:54 - 001693640 _____ C:\Windows\system32\PerfStringBackup.INI
2020-05-18 17:50 - 2020-03-07 20:29 - 000000000 ____D C:\Users\Lenovo\AppData\Local\Syncthing
2020-05-18 17:48 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\LiveKernelReports
2020-05-18 15:36 - 2020-02-22 01:45 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-05-18 12:43 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\Branding
2020-05-18 09:18 - 2019-12-12 05:08 - 000000000 ____D C:\Windows\system32\SleepStudy
2020-05-17 22:37 - 2020-01-04 04:37 - 000004210 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-05-17 19:22 - 2019-12-15 04:11 - 000000877 _____ C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2020-05-17 02:30 - 2019-11-27 20:24 - 000000000 ____D C:\Users\Lenovo\AppData\Local\LenovoServiceBridge
2020-05-16 14:29 - 2019-12-10 19:45 - 000000000 ___RD C:\Users\Lenovo\Disk Google
2020-05-16 13:36 - 2020-03-17 12:47 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
2020-05-16 13:35 - 2020-03-28 06:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2020-05-15 21:57 - 2020-03-29 08:16 - 000000000 ____D C:\Users\Lenovo\Documents\D O K L A D Y
2020-05-15 14:04 - 2019-12-15 09:38 - 000000000 ___RD C:\Users\Lenovo\Desktop\Zástupci
2020-05-15 14:01 - 2020-01-04 11:47 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Wondershare
2020-05-15 13:51 - 2019-12-12 05:20 - 000000000 ____D C:\Users\Lenovo
2020-05-15 12:31 - 2020-02-21 20:20 - 000002114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2020-05-15 12:31 - 2020-02-21 20:20 - 000002103 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2020-05-15 08:37 - 2019-12-12 05:08 - 000497896 _____ C:\Windows\system32\FNTCACHE.DAT
2020-05-15 08:36 - 2019-12-30 19:38 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Mp3tag
2020-05-15 08:36 - 2019-12-30 19:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
2020-05-15 08:36 - 2019-12-30 19:37 - 000000000 ____D C:\Program Files (x86)\Mp3tag
2020-05-14 17:27 - 2019-12-12 07:47 - 000000000 ____D C:\Users\Lenovo\AppData\Local\PlaceholderTileLogoFolder
2020-05-14 11:22 - 2020-03-16 05:00 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-05-13 07:06 - 2019-12-11 01:15 - 000000000 ____D C:\Program Files (x86)\Microsoft OneDrive
2020-05-12 21:52 - 2019-12-12 05:26 - 000003206 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2020-05-12 21:52 - 2019-12-11 01:15 - 000002172 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-05-11 17:30 - 2019-12-30 19:06 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\audacity
2020-05-10 15:28 - 2020-03-31 03:37 - 000000000 ____D C:\ProgramData\TePmHeashU
2020-05-06 01:27 - 2019-12-10 18:23 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-05-04 02:13 - 2020-01-23 11:23 - 000366360 _____ (Microsoft Corporation) C:\Windows\system32\vccorlib140.dll
2020-05-04 02:13 - 2019-06-20 03:27 - 000333592 _____ (Microsoft Corporation) C:\Windows\system32\concrt140.dll
2020-05-04 02:13 - 2019-06-20 03:27 - 000203544 _____ (Microsoft Corporation) C:\Windows\system32\msvcp140_2.dll
2020-05-04 02:13 - 2019-06-20 03:27 - 000031512 _____ (Microsoft Corporation) C:\Windows\system32\msvcp140_1.dll
2020-05-03 17:13 - 2019-06-20 03:27 - 000044312 _____ (Microsoft Corporation) C:\Windows\system32\vcruntime140_1.dll
2020-05-03 17:13 - 2019-06-20 03:27 - 000027416 _____ (Microsoft Corporation) C:\Windows\system32\msvcp140_codecvt_ids.dll
2020-04-28 16:55 - 2019-12-28 01:17 - 000000000 ____D C:\Program Files (x86)\Java
2020-04-21 21:56 - 2019-12-15 05:18 - 000000000 ____D C:\Users\Public\Documents\Winstep
2020-04-21 00:57 - 2020-02-29 13:36 - 000000000 ___RD C:\Users\Lenovo\Documents\MEGA

==================== Files in the root of some directories ========

2020-05-18 12:39 - 2020-05-18 12:40 - 002667520 _____ (Icons8-Ios7-Household-Mouse-Trap-Mouse may) C:\Users\Public\signed.exe
2019-12-11 08:41 - 2020-01-02 17:50 - 000000132 _____ () C:\Users\Lenovo\AppData\Roaming\Adobe PNG Format CS6 Prefs
2020-04-01 08:32 - 2020-04-01 08:32 - 000004433 _____ () C:\Users\Lenovo\AppData\Roaming\for.js
2020-05-17 13:14 - 2020-05-17 13:14 - 000007413 _____ () C:\Users\Lenovo\AppData\Roaming\ID.js
2020-05-15 13:51 - 2020-05-15 13:51 - 000490846 _____ () C:\Users\Lenovo\AppData\Roaming\jbghuhqrms.txt
2020-05-16 20:38 - 2020-05-16 20:38 - 001119232 _____ () C:\Users\Lenovo\AppData\Roaming\notepad.exe
2020-05-15 14:00 - 2020-05-15 14:00 - 000490846 _____ () C:\Users\Lenovo\AppData\Roaming\oicxmzkagb.txt
2020-03-30 14:27 - 2020-03-30 14:27 - 139261152 _____ (Wondershare Software ) C:\Users\Lenovo\AppData\Roaming\video-converter-ultimate_full495.exe
2020-05-08 00:48 - 2020-05-06 22:52 - 000177620 _____ () C:\Users\Lenovo\AppData\Roaming\windowsupdate
2020-02-21 19:38 - 2020-02-21 19:38 - 000000410 _____ () C:\Users\Lenovo\AppData\Local\oobelibMkey.log
2019-11-27 20:29 - 2019-11-27 20:29 - 000007605 _____ () C:\Users\Lenovo\AppData\Local\Resmon.ResmonCfg
2020-03-24 00:49 - 2020-03-24 00:49 - 000201521 _____ () C:\Users\Lenovo\AppData\Local\tmp.tmp
2020-03-13 21:38 - 2020-03-13 21:38 - 000893608 _____ (AutoIt Team) C:\Users\Lenovo\AppData\Local\wintmp.exe

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

[Rudy]

OK. Teď spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

[Ivošisko]

# -------------------------------
# Malwarebytes AdwCleaner 8.0.4.0
# -------------------------------
# Build: 04-03-2020
# Database: 2020-05-13.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 05-18-2020
# Duration: 00:00:02
# OS: Windows 10 Home
# Cleaned: 22
# Failed: 1


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Not Deleted C:\ProgramData\478A5347

***** [ Files ] *****

Deleted C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\windowsupdate.lnk

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|ProductUpdater
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|ProductUpdater

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Deleted MyStart Search
Deleted banggood.com
Deleted http://www.mystartsearch.com/?type=hp&t ... m=cvs&uid=_
Deleted http://www.mystartsearch.com/?type=hp&t ... m=cvs&uid=_
Deleted http://www.mystartsearch.com/?type=hp&t ... m=cvs&uid=_
Deleted http://www.mystartsearch.com/?type=hp&t ... m=cvs&uid=_
Deleted iZito.com
Deleted mystartsearch
Deleted mystartsearch
Deleted mystartsearch
Deleted mystartsearch
Deleted webssearches
Deleted webssearches

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.LenovoEasyCamera Folder C:\Program Files (x86)\USB CAMERA
Deleted Preinstalled.LenovoEasyCamera Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|331BigDog
Deleted Preinstalled.LenovoEasyCamera Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|331BigDog
Deleted Preinstalled.LenovoEasyCamera Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}
Deleted Preinstalled.LenovoServiceBridge Folder C:\Users\Lenovo\AppData\Local\PROGRAMS\LENOVO\LENOVO SERVICE BRIDGE
Deleted Preinstalled.LenovoServiceBridge Registry HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

[Rudy]

Dejte nové logy FRST+Addition.

[Ivošisko]

Zatím stále padá (cca co 10 min)


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-05-2020 01
Ran by Lenovo (18-05-2020 21:11:07)
Running from C:\Users\Lenovo\Desktop
Windows 10 Home Version 1903 18362.720 (X64) (2019-12-12 03:28:02)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-760426430-1322398698-3842268529-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-760426430-1322398698-3842268529-503 - Limited - Disabled)
Guest (S-1-5-21-760426430-1322398698-3842268529-501 - Limited - Disabled)
Lenovo (S-1-5-21-760426430-1322398698-3842268529-1001 - Administrator - Enabled) => C:\Users\Lenovo
WDAGUtilityAccount (S-1-5-21-760426430-1322398698-3842268529-504 - Limited - Disabled)
WgaUtilAcc (S-1-5-21-760426430-1322398698-3842268529-1002 - Administrator - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\uTorrent) (Version: 3.5.5.45574 - BitTorrent Inc.)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 20.009.20063 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.009.20063 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.0.0.354 - Adobe Systems Incorporated)
Adobe Lightroom Classic CC (HKLM-x32\...\LTRM_8_1) (Version: 8.1 - Adobe Systems Incorporated)
Adobe Photoshop 2020 (HKLM-x32\...\PHSP_21_0_2) (Version: 21.0.2 - Adobe Systems Incorporated)
Aegisub 3.2.2 (HKLM\...\{24BC8B57-716C-444F-B46B-A3349B9164C5}_is1) (Version: 3.2.2 - Aegisub Team)
AIDA64 Extreme v5.99 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.99 - FinalWire Ltd.)
AIMP (HKLM-x32\...\AIMP) (Version: v4.60.2180, 25.03.2020 - AIMP DevTeam)
Aktualizace NVIDIA 38.0.2.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.2.0 - NVIDIA Corporation) Hidden
Atomic Alarm Clock 6.3 beta (HKLM\...\Atomic Alarm Clock_is1) (Version: - Drive Software Company)
Audacity 2.3.3 (HKLM-x32\...\Audacity_is1) (Version: 2.3.3 - Audacity Team)
Avidemux VC++ 64bits (HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\{2799a4bd-577f-45de-a7eb-330cdd2c2ab0}) (Version: 2.7.5 - Mean)
Backup and Sync from Google (HKLM\...\{FE296942-D2D3-4149-8895-60655FE4CFDE}) (Version: 3.49.9800.0000 - Google, Inc.)
BitMeter (HKLM-x32\...\BitMeter) (Version: - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 7.35.317.3 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.66 - Piriform)
CPUID HWMonitor 1.41 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.41 - CPUID, Inc.)
CrystalDiskInfo 8.4.0 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.4.0 - Crystal Dew World)
ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.)
FastStone Image Viewer 7.4 (HKLM-x32\...\FastStone Image Viewer) (Version: 7.4 - FastStone Soft)
FlashPeak Slimjet 64bit (HKLM\...\Slimjet) (Version: 25.0.11.0 - FlashPeak Inc.)
Free Desktop Clock 3.0 (HKLM\...\Free Desktop Clock_is1) (Version: - Drive Software Company)
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.8.4 - Ellora Assets Corporation)
Futuremark SystemInfo (HKLM-x32\...\{A93C08EF-FEB5-49B0-BA5C-2149018683B5}) (Version: 5.26.809.0 - Futuremark)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 81.0.4044.138 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 10.0.1.100 - )
inSSIDer (HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\inSSIDer) (Version: 5.2.14 - MetaGeek, LLC)
Java 8 Update 251 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180251F0}) (Version: 8.0.2510.8 - Oracle Corporation)
LAV Filters 0.74.1 (HKLM-x32\...\lavfilters_is1) (Version: 0.74.1 - Hendrik Leppkes)
LibreOffice 6.4 Help Pack (Czech) (HKLM\...\{AE983296-8590-4589-84E0-80B8C30ED803}) (Version: 6.4.0.3 - The Document Foundation)
LibreOffice 6.4.2.2 (HKLM\...\{366B3DEE-791D-4044-AC14-4FE2265754BA}) (Version: 6.4.2.2 - The Document Foundation)
LinuxLive USB Creator (HKLM-x32\...\LinuxLive USB Creator) (Version: 2.9 - Thibaut Lauziere)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft OneDrive (HKLM-x32\...\OneDriveSetup.exe) (Version: 20.052.0311.0011 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation)
MKVToolNix 43.0.0 (64-bit) (HKLM-x32\...\MKVToolNix) (Version: 43.0.0 - Moritz Bunkus)
Mozilla Firefox 71.0 (x64 cs) (HKLM\...\Mozilla Firefox 71.0 (x64 cs)) (Version: 71.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 68.1.0 - Mozilla)
Mp3tag v3.01 (HKLM-x32\...\Mp3tag) (Version: 3.01 - Florian Heidenreich)
NETGEAR Genie (HKLM-x32\...\NETGEAR Genie) (Version: 2.4.60.00 - NETGEAR Inc.)
Nexus Ultimate 11.6 (HKLM-x32\...\Nexus Ultimate_is1) (Version: - )
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.1.57 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.1.57 - NVIDIA Corporation)
NZXT CAM 4.4.2 (HKLM\...\ac0666ae-ee66-5310-ac01-9d6348133b2d) (Version: 4.4.2 - NZXT, Inc.)
osrss (HKLM-x32\...\{1BA1133B-1C7A-41A0-8CBF-9B993E63D296}) (Version: 1.0.0 - Microsoft Corporation) Hidden
Ovládací panel NVIDIA 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 376.54 - NVIDIA Corporation) Hidden
PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 200317 - Kakao Corp.)
Revo Uninstaller Pro 4.2.3 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.2.3 - VS Revo Group, Ltd.)
Samsung Data Migration (HKLM-x32\...\{3B304604-0BF5-488E-AB95-F2F2E31206F3}) (Version: 3.1 - Samsung)
Soda PDF Desktop 11 Asian Fonts Pack (HKLM\...\{D336848F-432B-4836-AE2C-E4ABFC7F314A}) (Version: 11.0.7.2753 - LULU Software)
Soda PDF Desktop 11 Convert Module (HKLM\...\{B0628573-EBC2-4442-808E-00ED1EBB129C}) (Version: 11.0.7.2753 - LULU Software)
Soda PDF Desktop 11 Create Module (HKLM\...\{B3F86380-B7CA-47CA-9AA0-FFEBD3E6263E}) (Version: 11.0.7.2753 - LULU Software)
Soda PDF Desktop 11 Edit Module (HKLM\...\{136C67C4-E28C-46BA-A594-C5595C183E5E}) (Version: 11.0.7.2753 - LULU Software)
Soda PDF Desktop 11 Forms Module (HKLM\...\{1B9DFB67-93F9-499A-BDCA-B3AAED43F152}) (Version: 11.0.7.2753 - LULU Software)
Soda PDF Desktop 11 Insert Module (HKLM\...\{1F509347-B3F4-489C-8119-D1B85181ED71}) (Version: 11.0.7.2753 - LULU Software)
Soda PDF Desktop 11 Review Module (HKLM\...\{A478AFED-D891-4635-895A-206581109C03}) (Version: 11.0.7.2753 - LULU Software)
Soda PDF Desktop 11 Secure Module (HKLM\...\{2CEE9074-55A0-4362-9450-D17789E382C4}) (Version: 11.0.7.2753 - LULU Software)
Soda PDF Desktop 11 View Module (HKLM\...\{3F89F739-B2BB-4EE3-90E1-610F3D50EB61}) (Version: 11.0.7.2753 - LULU Software)
SoftPerfect Network Scanner version 7.2.6 (HKLM\...\{8083C3D9-F400-48FA-B060-CF55F25E2D4B}_is1) (Version: 7.2.6 - SoftPerfect Pty Ltd)
Speedtest by Ookla (HKLM\...\{86E09239-75BC-449E-A288-712FF12A4F02}) (Version: 1.3.39.001 - Ookla)
Spy Emergency 2019-25.0.680 (HKLM\...\Spy Emergency_is1) (Version: - NETGATE Technologies s.r.o.)
Subtitle Edit 3.5.13 (HKLM\...\SubtitleEdit_is1) (Version: 3.5.13.0 - Nikse)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 8.0.1052 - SUPERAntiSpyware.com)
SUPERAntiSpyware 5.7.1026 (HKLM-x32\...\SUPERAntiSpyware 5.7.1026) (Version: 5.7.1026 - skoda.josef@gmail.com)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{3BAE4496-6F6C-4330-A8AA-B93D3D346FA5}) (Version: 2.53.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
Vistumbler (HKLM-x32\...\Vistumbler) (Version: 10.6.5 - Vistumbler.net)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
WiFi Scanner (HKLM-x32\...\{1224CE90-0AA3-41AF-B51F-61C8C796C401}) (Version: 0.8.626 - AccessAgility)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Wondershare AllMyTube(Build 7.4.9.2) (HKLM-x32\...\AllMyTube_is1) (Version: 7.4.9.2 - Wondershare)
Wondershare Helper Compact 2.5.3 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.3 - Wondershare)
Wondershare UniConverter(Build 11.7.3.1) (HKLM-x32\...\UniConverter_is1) (Version: 11.7.3.1 - Wondershare Software)

Packages:
=========
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_1.0.1.22_x86__enpm4xejd91yc [2020-02-28] (Adobe Systems Incorporated)
Adobe Reader Touch -> C:\Program Files\WindowsApps\AdobeSystemsIncorporated.AdobeReader_3.1.8.7675_x86__ynb6jyjzte8ga [2020-01-14] (Adobe Systems Incorporated)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.164.200.0_x86__kgqvnymyfvs32 [2020-03-20] (king.com)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.1.4081.0_x64__rz1tebttyb220 [2020-02-04] (Dolby Laboratories)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-12-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-12-12] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-12] (Microsoft Studios) [MS Ad]
Microsoft Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20503.0_x64__8wekyb3d8bbwe [2020-03-06] (Microsoft Corporation) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
One Calendar -> C:\Program Files\WindowsApps\64885BlueEdge.OneCalendar_2020.229.1.0_x64__8kea50m9krsh2 [2020-03-06] (Code Spark)
One Task -> C:\Program Files\WindowsApps\64885BlueEdge.OneTask_2018.1124.1.0_x64__8kea50m9krsh2 [2020-03-13] (Code Spark)
WiFi Analyzer -> C:\Program Files\WindowsApps\19965MATTHAFNER.WIFIANALYZER_2.5.1.0_x64__gs5k5vmxr2ste [2020-01-14] (Matt Hafner)
Wifi Analyzer and Scanner -> C:\Program Files\WindowsApps\28877WebProvider.WifiAnalyzerandScanner_1.2.1.0_x64__gdrx0g078t8zg [2019-12-29] (WebProvider)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-760426430-1322398698-3842268529-1001_Classes\CLSID\{0AC68F4B-F9F7-475B-A5B4-383171479500} -> [MEGA] => C:\Users\Lenovo\Documents\MEGA [2020-02-29 13:36]
CustomCLSID: HKU\S-1-5-21-760426430-1322398698-3842268529-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-1A069473058F} -> [Creative Cloud Files] => C:\Users\Lenovo\Creative Cloud Files0
CustomCLSID: HKU\S-1-5-21-760426430-1322398698-3842268529-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-760426430-1322398698-3842268529-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Lenovo\AppData\Local\MEGAsync\ShellExtX64.dll [2020-03-18] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Lenovo\AppData\Local\MEGAsync\ShellExtX64.dll [2020-03-18] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Lenovo\AppData\Local\MEGAsync\ShellExtX64.dll [2020-03-18] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-04-06] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-04-06] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2020-04-06] (Google LLC -> Google)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Lenovo\AppData\Local\MEGAsync\ShellExtX64.dll [2020-03-18] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Lenovo\AppData\Local\MEGAsync\ShellExtX64.dll [2020-03-18] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Lenovo\AppData\Local\MEGAsync\ShellExtX64.dll [2020-03-18] (Mega Limited -> )
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\20.052.0311.0011\amd64\FileSyncShell64.dll [2020-05-12] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2020-02-05] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2020-05-12] (IP Izmaylov Artem Andreevich -> AIMP DevTeam)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-04-06] (Google LLC -> Google)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Lenovo\AppData\Local\MEGAsync\ShellExtX64.dll [2020-03-18] (Mega Limited -> )
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2020-03-27] (Florian Heidenreich) [File not signed]
ContextMenuHandlers1: [SodaPDFDesktop11_ManagerExt] -> {95288ec1-ce0d-11e8-b453-40167e6e7313} => C:\Program Files\Soda PDF Desktop 11\context-menu.dll [2019-01-21] (LULU Software -> LULU Software)
ContextMenuHandlers1: [SpyEmergency] -> {2E9FFF5C-4375-494d-951F-098BAA42239E} => C:\Program Files\NETGATE\Spy Emergency\menuext.dll [2019-11-16] (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Lenovo\AppData\Local\MEGAsync\ShellExtX64.dll [2020-03-18] (Mega Limited -> )
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2020-03-27] (Florian Heidenreich) [File not signed]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-03-13] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Lenovo\AppData\Local\MEGAsync\ShellExtX64.dll [2020-03-18] (Mega Limited -> )
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\20.052.0311.0011\amd64\FileSyncShell64.dll [2020-05-12] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2020-05-12] (IP Izmaylov Artem Andreevich -> AIMP DevTeam)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2020-04-06] (Google LLC -> Google)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Lenovo\AppData\Local\MEGAsync\ShellExtX64.dll [2020-03-18] (Mega Limited -> )
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2020-03-27] (Florian Heidenreich) [File not signed]
ContextMenuHandlers4: [SpyEmergency] -> {2E9FFF5C-4375-494d-951F-098BAA42239E} => C:\Program Files\NETGATE\Spy Emergency\menuext.dll [2019-11-16] (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\20.052.0311.0011\amd64\FileSyncShell64.dll [2020-05-12] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-04] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2016-12-29] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2020-02-05] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-03-13] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2019-03-29] (VS Revo Group Ltd. -> VS Revo Group)
ContextMenuHandlers6: [SpyEmergency] -> {2E9FFF5C-4375-494d-951F-098BAA42239E} => C:\Program Files\NETGATE\Spy Emergency\menuext.dll [2019-11-16] (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2015-03-17 02:34 - 2015-03-17 02:34 - 000010240 _____ () [File not signed] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\cs_cz\acrotray.cze
2016-03-03 06:17 - 2016-03-03 06:17 - 000136704 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\airprintdll.dll
2016-03-03 06:17 - 2016-03-03 06:17 - 000146944 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\DiagnoseDll.dll
2016-01-15 04:06 - 2016-01-15 04:06 - 000057344 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\DiagnosePlugin.dll
2016-02-22 10:25 - 2016-02-22 10:25 - 000116224 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\DragonNetTool.dll
2015-08-24 10:41 - 2015-08-24 10:41 - 002360622 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\drivers\libntgr_api.dll
2019-05-22 10:09 - 2019-05-22 10:09 - 000713728 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Genie.dll
2018-07-20 06:31 - 2018-07-20 06:31 - 000168448 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Airprint.dll
2018-07-20 06:31 - 2018-07-20 06:31 - 000591872 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Internet.dll
2019-05-15 10:07 - 2019-05-15 10:07 - 006903808 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Map.dll
2018-07-20 06:36 - 2018-07-20 06:36 - 002980352 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_MyMedia.dll
2019-05-15 10:07 - 2019-05-15 10:07 - 000967168 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_NetworkProblem.dll
2019-04-19 08:38 - 2019-04-19 08:38 - 001259520 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_ParentalControl.dll
2018-11-22 03:58 - 2018-11-22 03:58 - 011973632 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Resource.dll
2019-05-15 10:05 - 2019-05-15 10:05 - 002683392 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_RouterConfiguration.dll
2019-05-22 11:51 - 2019-05-22 11:51 - 000278528 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Statistics.dll
2019-05-22 10:14 - 2019-05-22 10:14 - 000888832 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Ui.dll
2018-11-20 12:34 - 2018-11-20 12:34 - 000422400 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Wireless.dll
2018-12-12 12:36 - 2018-12-12 12:36 - 000633344 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\InnerPlugin_Update.dll
2018-07-20 06:33 - 2018-07-20 06:33 - 000433664 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\InnerPlugin_WirelessExport.dll
2014-12-21 18:07 - 2014-12-21 18:07 - 000119822 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\libgcc_s_dw2-1.dll
2014-12-21 18:07 - 2014-12-21 18:07 - 001026062 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\libstdc++-6.dll
2012-06-28 00:23 - 2012-06-28 00:23 - 000111616 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\libvlc.dll
2012-06-28 00:23 - 2012-06-28 00:23 - 002285056 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\libvlccore.dll
2016-03-03 06:17 - 2016-03-03 06:17 - 000074752 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\NetcardApi.dll
2012-06-28 00:23 - 2012-06-28 00:23 - 000219648 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\plugins\access\libdshow_plugin.dll
2012-06-28 00:23 - 2012-06-28 00:23 - 000049664 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\plugins\audio_output\libaout_directx_plugin.dll
2012-06-28 00:23 - 2012-06-28 00:23 - 000051200 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\plugins\audio_output\libwaveout_plugin.dll
2012-06-28 00:23 - 2012-06-28 00:23 - 000051200 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\plugins\control\libhotkeys_plugin.dll
2012-06-28 00:23 - 2012-06-28 00:23 - 000037376 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\plugins\mmxext\libmemcpymmxext_plugin.dll
2012-06-28 00:23 - 2012-06-28 00:23 - 000070144 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\plugins\video_output\libdirectx_plugin.dll
2016-02-26 12:07 - 2016-02-26 12:07 - 000049152 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\QRCode.dll
2016-08-15 10:28 - 2016-08-15 10:28 - 001125888 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\qwt.dll
2019-05-22 10:13 - 2019-05-22 10:13 - 001701376 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\SvtNetworkTool.dll
2016-03-03 06:17 - 2016-03-03 06:17 - 000072192 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\SVTUtils.dll
2016-01-15 04:23 - 2016-01-15 04:23 - 000026112 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\WSetupApiPlugin.dll
2016-04-12 08:13 - 2016-04-12 08:13 - 000067072 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\WSetupDll.dll
2020-02-06 20:13 - 2016-08-09 13:57 - 001886720 _____ () [File not signed] C:\Program Files\Atomic Alarm Clock\Clock.dll
2020-01-02 23:29 - 2007-11-02 16:20 - 001403904 _____ () [File not signed] C:\Program Files\NETGATE\Spy Emergency\LIBEAY32.dll
2020-01-02 23:29 - 2007-11-02 16:20 - 000243712 _____ () [File not signed] C:\Program Files\NETGATE\Spy Emergency\SSLEAY32.dll
2020-01-02 23:29 - 2007-09-04 15:25 - 000198144 _____ () [File not signed] C:\Program Files\NETGATE\Spy Emergency\unrar.dll
2020-05-16 20:39 - 2020-05-16 20:39 - 000831488 ___RH () [File not signed] C:\ProgramData\478A5347\284EE138.dll
2020-05-16 20:39 - 2020-05-16 20:39 - 001117696 ___RH () [File not signed] C:\ProgramData\478A5347\B79C6115.dll
2020-05-18 21:07 - 2020-05-18 21:07 - 000114176 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI97202\_ctypes.pyd
2020-05-18 21:07 - 2020-05-18 21:07 - 000173056 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI97202\_elementtree.pyd
2020-05-18 21:07 - 2020-05-18 21:07 - 002133504 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI97202\_hashlib.pyd
2020-05-18 21:07 - 2020-05-18 21:07 - 000032256 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI97202\_multiprocessing.pyd
2020-05-18 21:07 - 2020-05-18 21:07 - 000046080 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI97202\_psutil_windows.pyd
2020-05-18 21:07 - 2020-05-18 21:07 - 000047616 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI97202\_socket.pyd
2020-05-18 21:07 - 2020-05-18 21:07 - 002701824 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI97202\_ssl.pyd
2020-05-18 21:07 - 2020-05-18 21:07 - 000026112 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI97202\_yappi.pyd
2020-05-18 21:07 - 2020-05-18 21:07 - 000080896 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI97202\bz2.pyd
2020-05-18 21:07 - 2020-05-18 21:07 - 000016384 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI97202\common.time34.pyd
2020-05-18 21:07 - 2020-05-18 21:07 - 000007680 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI97202\hashobjs_ext.pyd
2020-05-18 21:07 - 2020-05-18 21:07 - 000301568 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI97202\PIL._imaging.pyd
2020-05-18 21:07 - 2020-05-18 21:07 - 000169472 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI97202\pyexpat.pyd
2020-05-18 21:07 - 2020-05-18 21:07 - 001084416 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI97202\pysqlite2._sqlite.pyd
2020-05-18 21:07 - 2020-05-18 21:07 - 000548864 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI97202\pythoncom27.dll
2020-05-18 21:07 - 2020-05-18 21:07 - 000137728 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI97202\pywintypes27.dll
2020-05-18 21:07 - 2020-05-18 21:07 - 000010752 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI97202\select.pyd
2020-05-18 21:07 - 2020-05-18 21:07 - 000020992 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI97202\thumbnails_ext.pyd
2020-05-18 21:07 - 2020-05-18 21:07 - 000689664 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI97202\unicodedata.pyd
2020-05-18 21:07 - 2020-05-18 21:07 - 000119808 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI97202\usb_ext.pyd
2020-05-18 21:07 - 2020-05-18 21:07 - 000128512 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI97202\win32api.pyd
2020-05-18 21:07 - 2020-05-18 21:07 - 000438784 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI97202\win32com.shell.shell.pyd
2020-05-18 21:07 - 2020-05-18 21:07 - 000011776 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI97202\win32crypt.pyd
2020-05-18 21:07 - 2020-05-18 21:07 - 000023040 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI97202\win32event.pyd
2020-05-18 21:07 - 2020-05-18 21:07 - 000149504 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI97202\win32file.pyd
2020-05-18 21:07 - 2020-05-18 21:07 - 000223232 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI97202\win32gui.pyd
2020-05-18 21:07 - 2020-05-18 21:07 - 000048128 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI97202\win32inet.pyd
2020-05-18 21:07 - 2020-05-18 21:07 - 000029696 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI97202\win32pdh.pyd
2020-05-18 21:07 - 2020-05-18 21:07 - 000027648 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI97202\win32pipe.pyd
2020-05-18 21:07 - 2020-05-18 21:07 - 000044032 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI97202\win32process.pyd
2020-05-18 21:07 - 2020-05-18 21:07 - 000020480 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI97202\win32profile.pyd
2020-05-18 21:07 - 2020-05-18 21:07 - 000136192 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI97202\win32security.pyd
2020-05-18 21:07 - 2020-05-18 21:07 - 000026624 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI97202\win32ts.pyd
2020-05-18 21:07 - 2020-05-18 21:07 - 000034816 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI97202\windows.conditional.pyd
2020-05-18 21:07 - 2020-05-18 21:07 - 000038400 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI97202\windows.connectivity.pyd
2020-05-18 21:07 - 2020-05-18 21:07 - 000071680 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI97202\windows.device_monitor.pyd
2020-05-18 21:07 - 2020-05-18 21:07 - 000109056 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI97202\windows.volumes.pyd
2020-05-18 21:07 - 2020-05-18 21:07 - 000020480 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI97202\windows.winwrap.pyd
2020-05-18 21:07 - 2020-05-18 21:07 - 001325056 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI97202\wx._controls_.pyd
2020-05-18 21:07 - 2020-05-18 21:07 - 001489408 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI97202\wx._core_.pyd
2020-05-18 21:07 - 2020-05-18 21:07 - 001007104 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI97202\wx._gdi_.pyd
2020-05-18 21:07 - 2020-05-18 21:07 - 000103424 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI97202\wx._html2.pyd
2020-05-18 21:07 - 2020-05-18 21:07 - 000916992 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI97202\wx._misc_.pyd
2020-05-18 21:07 - 2020-05-18 21:07 - 001039872 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI97202\wx._windows_.pyd
2014-11-11 13:00 - 2014-11-11 13:00 - 000967168 _____ () [File not signed] c:\windows\branding\mediasvc.png
2020-02-05 00:21 - 2020-02-05 00:21 - 000021504 _____ (Adobe Systems Inc.) [File not signed] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\cs_cz\Acrobat Elements\ContextMenuShim64.cze
2020-01-02 23:29 - 2011-08-15 18:49 - 001965056 _____ (CPULib Team) [File not signed] C:\Program Files\NETGATE\Spy Emergency\CPULib.dll
2020-03-27 18:50 - 2020-03-27 18:50 - 000398336 _____ (Florian Heidenreich) [File not signed] C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll
2014-11-11 13:00 - 2014-11-11 13:00 - 000056320 _____ (important) [File not signed] c:\windows\branding\mediasrv.png
2020-05-18 12:43 - 2020-05-18 12:43 - 000040960 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\rfxvmt.dll
2014-12-21 18:07 - 2014-12-21 18:07 - 000049152 _____ (MingW-W64 Project. All rights reserved.) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\libwinpthread-1.dll
2013-02-19 08:46 - 2013-02-19 08:46 - 000220160 _____ (NETGEAR Inc.) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\drivers\NETGEAR_PLC_L2_API.dll
2014-03-24 04:32 - 2014-03-24 04:32 - 000060273 _____ (Open Source Software community project) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\pthreadGC2.dll
2020-05-18 21:07 - 2020-05-18 21:07 - 003042816 _____ (Python Software Foundation) [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI97202\python27.dll
2018-12-10 10:29 - 2018-12-10 10:29 - 000438272 _____ (The curl library, hxxps://curl.haxx.se/) [File not signed] C:\Program Files\Soda PDF Desktop 11\libcurl.dll
2013-02-11 03:35 - 2013-02-11 03:35 - 001178624 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\LIBEAY32.dll
2013-02-11 03:35 - 2013-02-11 03:35 - 000269824 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\ssleay32.dll
2015-10-12 21:44 - 2015-10-12 21:44 - 000033280 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qgif.dll
2015-10-12 21:45 - 2015-10-12 21:45 - 000034816 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qico.dll
2015-10-12 21:45 - 2015-10-12 21:45 - 000246784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qjpeg.dll
2015-10-12 21:58 - 2015-10-12 21:58 - 000366592 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qmng.dll
2015-10-12 21:48 - 2015-10-12 21:48 - 000028672 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qsvg.dll
2015-10-12 21:58 - 2015-10-12 21:58 - 000027648 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qtga.dll
2015-10-12 21:58 - 2015-10-12 21:58 - 000433664 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qtiff.dll
2015-10-12 21:58 - 2015-10-12 21:58 - 000027136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qwbmp.dll
2015-10-12 21:46 - 2015-10-12 21:46 - 001413632 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\platforms\qwindows.dll
2015-10-12 21:47 - 2015-10-12 21:47 - 000044544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\printsupport\windowsprintersupport.dll
2015-11-19 06:54 - 2015-11-19 06:54 - 005391360 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Qt5Core.dll
2015-10-12 21:31 - 2015-10-12 21:31 - 005334528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Qt5Gui.dll
2015-10-12 21:26 - 2015-10-12 21:26 - 001528832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Qt5Network.dll
2015-10-12 21:42 - 2015-10-12 21:42 - 000334848 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Qt5OpenGL.dll
2016-04-13 04:52 - 2016-04-13 04:52 - 000357888 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Qt5PrintSupport.dll
2015-10-12 21:48 - 2015-10-12 21:48 - 000331776 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Qt5Svg.dll
2015-10-12 21:37 - 2015-10-12 21:37 - 006541824 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Qt5Widgets.dll
2015-10-12 21:25 - 2015-10-12 21:25 - 000237056 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Qt5Xml.dll
2017-09-14 08:37 - 2017-09-14 08:37 - 000026112 _____ (The Qt Company Ltd) [File not signed] C:\Users\Lenovo\AppData\Local\MEGAsync\imageformats\qgif.dll
2017-09-14 08:42 - 2017-09-14 08:42 - 000033280 _____ (The Qt Company Ltd) [File not signed] C:\Users\Lenovo\AppData\Local\MEGAsync\imageformats\qicns.dll
2017-09-14 08:37 - 2017-09-14 08:37 - 000027648 _____ (The Qt Company Ltd) [File not signed] C:\Users\Lenovo\AppData\Local\MEGAsync\imageformats\qico.dll
2017-09-14 08:37 - 2017-09-14 08:37 - 000245760 _____ (The Qt Company Ltd) [File not signed] C:\Users\Lenovo\AppData\Local\MEGAsync\imageformats\qjpeg.dll
2017-09-14 08:42 - 2017-09-14 08:42 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\Users\Lenovo\AppData\Local\MEGAsync\imageformats\qsvg.dll
2017-09-14 08:42 - 2017-09-14 08:42 - 000020992 _____ (The Qt Company Ltd) [File not signed] C:\Users\Lenovo\AppData\Local\MEGAsync\imageformats\qtga.dll
2017-09-14 08:42 - 2017-09-14 08:42 - 000316416 _____ (The Qt Company Ltd) [File not signed] C:\Users\Lenovo\AppData\Local\MEGAsync\imageformats\qtiff.dll
2017-09-14 08:42 - 2017-09-14 08:42 - 000019968 _____ (The Qt Company Ltd) [File not signed] C:\Users\Lenovo\AppData\Local\MEGAsync\imageformats\qwbmp.dll
2017-09-14 08:42 - 2017-09-14 08:42 - 000322560 _____ (The Qt Company Ltd) [File not signed] C:\Users\Lenovo\AppData\Local\MEGAsync\imageformats\qwebp.dll
2017-09-14 08:37 - 2017-09-14 08:37 - 001010688 _____ (The Qt Company Ltd) [File not signed] C:\Users\Lenovo\AppData\Local\MEGAsync\platforms\qwindows.dll
2020-02-06 20:13 - 2013-02-19 19:16 - 000223744 _____ (Un4seen Developments) [File not signed] C:\Program Files\Atomic Alarm Clock\bass.dll
2019-12-15 05:18 - 2011-05-26 19:20 - 000025088 _____ (Winstep Software Technologies) [File not signed] C:\Program Files (x86)\Winstep\WsxMMTimer.dll
2020-05-18 21:07 - 2020-05-18 21:07 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI97202\wxbase30u_net_vc90_x64.dll
2020-05-18 21:07 - 2020-05-18 21:07 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI97202\wxbase30u_vc90_x64.dll
2020-05-18 21:07 - 2020-05-18 21:07 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI97202\wxmsw30u_adv_vc90_x64.dll
2020-05-18 21:07 - 2020-05-18 21:07 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI97202\wxmsw30u_core_vc90_x64.dll
2020-05-18 21:07 - 2020-05-18 21:07 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI97202\wxmsw30u_html_vc90_x64.dll
2020-05-18 21:07 - 2020-05-18 21:07 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\Lenovo\AppData\Local\Temp\_MEI97202\wxmsw30u_webview_vc90_x64.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:9A870F8B [268]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 09:24 - 2020-04-01 09:29 - 000001050 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 activation.acronis.com web-api-tih.acronis.com
127.0.0.1 activation.acronis.com web-api-tih.acronis.com
127.0.0.1 superantispyware.com
127.0.0.1 license.superantispyware.com
127.0.0.1 platform.wondershare.com

2019-12-11 00:22 - 2020-01-01 21:30 - 000000446 _____ C:\Windows\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter;;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Lenovo\Disk Google\FOTA\Žbytek\pozadi_desktop.png
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 0) (EnableLUA: 0)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "Acronis Scheduler2 Service"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "AcronisTibMounterMonitor"
HKLM\...\StartupApproved\Run32: => "TrueImageMonitor.exe"
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\StartupApproved\Run: => "CCXProcess"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{ECC5C0DF-C134-40A8-9601-7CBC3691B50B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{32264D73-4A5A-4A5A-9BCA-378659F18271}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B8CAF877-3F51-4C3A-B0A0-AA99D451982C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{826B3E9F-B6C6-448C-9D76-C61DCBBD9D55}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{51CD8B13-C161-4AA3-9D9C-ECCA1E9127C3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E93BA065-E320-40F8-9037-D61F84DCCA17}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8A5D56B0-A3AA-4D45-9A96-6BDA5305D721}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{CCBBDA7F-E030-4D56-B4A9-3FB611C4B13C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{69E0CBFD-18B6-4005-9FD0-A0668760395C}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe (NETGEAR TAIWAN CO., LTD -> NETGEAR Inc.)
FirewallRules: [UDP Query User{FDF815F9-202B-4C72-9DC4-2F7267662A34}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe (NETGEAR TAIWAN CO., LTD -> NETGEAR Inc.)
FirewallRules: [TCP Query User{E4B9757F-1A41-4FD0-BBAC-5AF4CEC63EEF}C:\program files\syncthing\syncthing-windows-amd64-v1.2.1\syncthing.exe] => (Allow) C:\program files\syncthing\syncthing-windows-amd64-v1.2.1\syncthing.exe (Kastelo AB -> )
FirewallRules: [UDP Query User{0AEB44B9-512C-4883-93FF-AC00848676D0}C:\program files\syncthing\syncthing-windows-amd64-v1.2.1\syncthing.exe] => (Allow) C:\program files\syncthing\syncthing-windows-amd64-v1.2.1\syncthing.exe (Kastelo AB -> )
FirewallRules: [TCP Query User{9EE078EE-93C5-4269-9E34-2E57440E1E3C}C:\program files\slimjet\slimjet.exe] => (Allow) C:\program files\slimjet\slimjet.exe (FlashPeak Inc. -> FlashPeak Inc.)
FirewallRules: [UDP Query User{249DADE6-0CED-4CA5-9CF4-3A26ECF6DAB3}C:\program files\slimjet\slimjet.exe] => (Allow) C:\program files\slimjet\slimjet.exe (FlashPeak Inc. -> FlashPeak Inc.)
FirewallRules: [{2AD33F00-D99B-4A75-B96A-0B3A2C590268}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1C653BB6-22A9-498C-9A9E-BD9FC8D11DD3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{69CC26C3-C176-4998-864F-D6238211EF3B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{594CE807-87B7-4A0C-8C3F-2CA276A9033B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{C2CA6D5F-6D93-4143-AEF8-4F567BF6B6D8}C:\users\lenovo\appdata\anydesk.exe] => (Block) C:\users\lenovo\appdata\anydesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [UDP Query User{AC70804A-2780-4E53-A515-6D72A843DCD4}C:\users\lenovo\appdata\anydesk.exe] => (Block) C:\users\lenovo\appdata\anydesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{7D2C1581-0DB3-413B-801A-8ACE91874562}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{EE542E4B-1D2E-4A70-A7D9-7E289BCB200B}C:\program files\syncthing\syncthing-windows-amd64-v1.2.1\syncthing.exe] => (Block) C:\program files\syncthing\syncthing-windows-amd64-v1.2.1\syncthing.exe (Kastelo AB -> )
FirewallRules: [UDP Query User{5F3C8115-83D4-4FD3-988B-9B5F3CBDAFA2}C:\program files\syncthing\syncthing-windows-amd64-v1.2.1\syncthing.exe] => (Block) C:\program files\syncthing\syncthing-windows-amd64-v1.2.1\syncthing.exe (Kastelo AB -> )
FirewallRules: [{FB958E14-041F-4A53-B444-57EEC02D7A60}] => (Allow) C:\Users\Lenovo\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{49D44BF3-1090-4AAA-9A6C-2AE635E315F6}] => (Allow) C:\Users\Lenovo\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (05/18/2020 09:08:56 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 23 155.0.168.192.in-addr.arpa. PTR DESKTOP-AJUSQ3V.local.

Error: (05/18/2020 09:08:56 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.0.155:5353 25 155.0.168.192.in-addr.arpa. PTR DESKTOP-AJUSQ3V-2.local.

Error: (05/18/2020 09:04:15 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5200,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\Windows\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (05/18/2020 08:57:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 23 155.0.168.192.in-addr.arpa. PTR DESKTOP-AJUSQ3V.local.

Error: (05/18/2020 08:57:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.0.155:5353 25 155.0.168.192.in-addr.arpa. PTR DESKTOP-AJUSQ3V-2.local.

Error: (05/18/2020 08:54:20 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4720,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\Windows\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (05/18/2020 08:47:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 23 155.0.168.192.in-addr.arpa. PTR DESKTOP-AJUSQ3V.local.

Error: (05/18/2020 08:47:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.0.155:5353 25 155.0.168.192.in-addr.arpa. PTR DESKTOP-AJUSQ3V-2.local.


System errors:
=============
Error: (05/18/2020 09:11:25 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba wuauserv byla ukončena s následující chybou:
Systém nemůže nalézt uvedený soubor.

Error: (05/18/2020 09:11:25 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-AJUSQ3V)
Description: Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} se v daném časovém limitu neregistroval u služby DCOM.

Error: (05/18/2020 09:09:25 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba wuauserv byla ukončena s následující chybou:
Systém nemůže nalézt uvedený soubor.

Error: (05/18/2020 09:09:25 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} se v daném časovém limitu neregistroval u služby DCOM.

Error: (05/18/2020 09:07:25 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba wuauserv byla ukončena s následující chybou:
Systém nemůže nalézt uvedený soubor.

Error: (05/18/2020 09:07:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba !SASCORE neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (05/18/2020 09:07:03 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby !SASCORE bylo dosaženo časového limitu (45000 ms).

Error: (05/18/2020 09:07:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba luafv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.


Windows Defender:
===================================
Date: 2020-03-21 22:41:36.104
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {98657F1E-8680-4CCE-94A1-A077C5F66E0C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-03-19 20:57:46.592
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {FE8D7ADF-2D72-431B-8B91-AB63E279CA6A}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-03-18 19:47:18.566
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {36D017AC-1B3D-4AA8-8D42-0564EC175D29}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-03-18 18:21:07.747
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Tiggre!rfn
ID: 2147723625
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Lenovo\AppData\Local\Temp\Kill.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-AJUSQ3V\Lenovo
Název procesu: C:\Users\Lenovo\Desktop\Patch\Patch\Acronis True Image 2020 v24 Patch.exe
Verze bezpečnostních informací: AV: 1.311.1479.0, AS: 1.311.1479.0, NIS: 1.311.1479.0
Verze modulu: AM: 1.1.16800.2, NIS: 1.1.16800.2

Date: 2020-03-18 14:17:52.463
Description:
Antivirová ochrana v programu Windows Defender zjistil podezřelé chování.
Název: Behavior:Win32/ModifiedBootRecord
ID: 504435955
Závažnost: Nízké
Kategorie: Podezřelé chování
Nalezená cesta: file:_C:\Users\Lenovo\AppData\Local\Temp\un5005.exe; process:_1932
Původ detekce: Místní počítač
Typ detekce: Podezřelý
Zdroj detekce: Ochrana v reálném čase
Stav: Provádění
Uživatel: DESKTOP-AJUSQ3V\Lenovo
Název procesu: C:\Users\Lenovo\AppData\Local\Temp\un5005.exe
ID bezpečnostních informací: 23858570787236
Verze bezpečnostních informací: AV: 1.311.1454.0, AS: 1.311.1454.0
Verze modulu: 1.1.16800.2
Štítek věrnosti: Střední
Název cílového souboru:

CodeIntegrity:
===================================

Date: 2020-05-18 21:10:04.606
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-18 21:10:04.604
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-18 21:09:39.869
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-18 21:09:39.867
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-18 21:07:33.009
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-18 21:07:33.008
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-18 21:07:11.610
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-18 21:07:11.554
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: LENOVO 7ACN24WW 06/25/2013
Motherboard: LENOVO G700
Processor: Intel(R) Core(TM) i5-3230M CPU @ 2.60GHz
Percentage of memory in use: 44%
Total physical RAM: 8071.35 MB
Available physical RAM: 4498.57 MB
Total Virtual: 16263.35 MB
Available Virtual: 12486.63 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.02 GB) (Free:214.91 GB) NTFS

\\?\Volume{d5ebbff9-0000-0000-0000-100000000000}\ () (Fixed) (Total:0.49 GB) (Free:0.46 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: D5EBBFF9)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-05-2020 01
Ran by Lenovo (administrator) on DESKTOP-AJUSQ3V (LENOVO 20251) (18-05-2020 21:09:55)
Running from C:\Users\Lenovo\Desktop
Loaded Profiles: Lenovo
Platform: Windows 10 Home Version 1903 18362.720 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\Codebox\BitMeter\BitMeter2.exe
() [File not signed] C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe
() [File not signed] C:\Program Files\Free Desktop Clock\timeserv.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Huawei Technologies Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(LULU Software -> LULU Software) C:\Program Files\Soda PDF Desktop 11\creator\common\creator-ws.exe
(LULU Software -> LULU Software) C:\Program Files\Soda PDF Desktop 11\updater-ws.exe
(LULU Software -> LULU Software) C:\Program Files\Soda PDF Desktop 11\ws.exe
(Mega Limited -> Mega Limited) C:\Users\Lenovo\AppData\Local\MEGAsync\MEGAsync.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12624.20212.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12624.20212.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12003.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.20022.11011.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe <2>
(Mixbyte Inc -> Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.) C:\Program Files\NETGATE\Spy Emergency\SpyEmergencyHealth.exe
(NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.) C:\Program Files\NETGATE\Spy Emergency\SpyEmergencySrv.exe
(NETGEAR TAIWAN CO., LTD -> ) C:\Program Files (x86)\NETGEAR Genie\bin\genie2_tray.exe
(NETGEAR TAIWAN CO., LTD -> NETGEAR Inc.) C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(NZXT, Inc. -> ) C:\Program Files\NZXT CAM\resources\app.asar.unpacked\node_modules\@nzxt\rust-cam\dist\native\target\release\service.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Users\Lenovo\AppData\Roaming\Oracle\bin\java.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Users\Lenovo\AppData\Roaming\Oracle\bin\javaw.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Winstep Software Technologies) [File not signed] C:\Program Files (x86)\Winstep\Nexus-Ultimate.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3022416 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2084920 2019-09-27] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5641776 2020-05-04] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646776 2020-03-12] (Oracle America, Inc. -> Oracle Corporation)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKLM\Software\Policies\Microsoft\Windows NT\SystemRestore: [DisableSR/DisableConfig] <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\Run: [OneDrive] => C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe [1582952 2020-05-12] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [48214752 2020-04-06] (Google LLC -> )
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\Run: [Nexus] => [X]
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\Run: [Nexus-Ultimate] => C:\Program Files (x86)\Winstep\Nexus-Ultimate.exe [14558848 2011-10-11] (Winstep Software Technologies) [File not signed]
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\Run: [NETGEARGenie] => C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe [610904 2018-07-23] (NETGEAR TAIWAN CO., LTD -> NETGEAR Inc.)
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\Run: [AtomicAlarmClock6] => C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe [5321728 2016-08-16] () [File not signed]
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [597640 2020-02-07] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [5417008 2020-05-04] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [9230256 2020-03-14] (Support.com Inc -> SUPERAntiSpyware)
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\Run: [uTorrent] => C:\Users\Lenovo\AppData\Roaming\uTorrent\uTorrent.exe [2073328 2020-02-18] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\Run: [bvCkqlDgKUt] => "C:\Users\Lenovo\AppData\Roaming\Oracle\bin\javaw.exe" -jar "C:\Users\Lenovo\PTCVWyAJvEp\XWHPSJfipJk.zbJXrg"
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [27775672 2020-05-01] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\Policies\system: [DISABLETASKMGR] 2
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\MountPoints2: {286bab2a-9206-11ea-b900-1c3e84e103cc} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\MountPoints2: {286bad11-9206-11ea-b900-1c3e84e103cc} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\MountPoints2: {617a45cc-77be-11ea-b8fb-1c3e84e103cc} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\MountPoints2: {ef0c3d1e-92c1-11ea-b901-1c3e84e103cc} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\MountPoints2: {f00e25ed-4d2a-11ea-b8e0-1c3e84e103cc} - "E:\HiSuiteDownLoader.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.138\Installer\chrmstp.exe [2020-05-06] (Google LLC -> Google LLC)
IFEO\acs.exe: [Debugger] svchost.exe
IFEO\AdAwareDesktop.exe: [Debugger] svchost.exe
IFEO\AdAwareService.exe: [Debugger] svchost.exe
IFEO\AdAwareTray.exe: [Debugger] svchost.exe
IFEO\AgentSvc.exe: [Debugger] svchost.exe
IFEO\AVK.exe: [Debugger] svchost.exe
IFEO\AVKProxy.exe: [Debugger] svchost.exe
IFEO\AVKService.exe: [Debugger] svchost.exe
IFEO\AVKTray.exe: [Debugger] svchost.exe
IFEO\AVKWCtlx64.exe: [Debugger] svchost.exe
IFEO\avpmapp.exe: [Debugger] svchost.exe
IFEO\av_task.exe: [Debugger] svchost.exe
IFEO\Bav.exe: [Debugger] svchost.exe
IFEO\bavhm.exe: [Debugger] svchost.exe
IFEO\BavSvc.exe: [Debugger] svchost.exe
IFEO\BavTray.exe: [Debugger] svchost.exe
IFEO\BavUpdater.exe: [Debugger] svchost.exe
IFEO\BavWebClient.exe: [Debugger] svchost.exe
IFEO\BDSSVC.EXE: [Debugger] svchost.exe
IFEO\BgScan.exe: [Debugger] svchost.exe
IFEO\BullGuard.exe: [Debugger] svchost.exe
IFEO\BullGuardBhvScanner.exe: [Debugger] svchost.exe
IFEO\BullGuardUpdate.exe: [Debugger] svchost.exe
IFEO\BullGuarScanner.exe: [Debugger] svchost.exe
IFEO\capinfos.exe: [Debugger] svchost.exe
IFEO\cavwp.exe: [Debugger] svchost.exe
IFEO\CertReg.exe: [Debugger] svchost.exe
IFEO\cis.exe: [Debugger] svchost.exe
IFEO\CisTray.exe: [Debugger] svchost.exe
IFEO\clamscan.exe: [Debugger] svchost.exe
IFEO\ClamTray.exe: [Debugger] svchost.exe
IFEO\ClamWin.exe: [Debugger] svchost.exe
IFEO\cmdagent.exe: [Debugger] svchost.exe
IFEO\ConfigSecurityPolicy.exe: [Debugger] svchost.exe
IFEO\CONSCTLX.EXE: [Debugger] svchost.exe
IFEO\coreFrameworkHost.exe: [Debugger] svchost.exe
IFEO\coreServiceShell.exe: [Debugger] svchost.exe
IFEO\dragon_updater.exe: [Debugger] svchost.exe
IFEO\dumpcap.exe: [Debugger] svchost.exe
IFEO\econceal.exe: [Debugger] svchost.exe
IFEO\econser.exe: [Debugger] svchost.exe
IFEO\editcap.exe: [Debugger] svchost.exe
IFEO\EMLPROXY.EXE: [Debugger] svchost.exe
IFEO\escanmon.exe: [Debugger] svchost.exe
IFEO\escanpro.exe: [Debugger] svchost.exe
IFEO\fcappdb.exe: [Debugger] svchost.exe
IFEO\FCDBlog.exe: [Debugger] svchost.exe
IFEO\FCHelper64.exe: [Debugger] svchost.exe
IFEO\FilMsg.exe: [Debugger] svchost.exe
IFEO\FilUp.exe: [Debugger] svchost.exe
IFEO\filwscc.exe: [Debugger] svchost.exe
IFEO\fmon.exe: [Debugger] svchost.exe
IFEO\FortiClient.exe: [Debugger] svchost.exe
IFEO\FortiClient_Diagnostic_Tool.exe: [Debugger] svchost.exe
IFEO\FortiESNAC.exe: [Debugger] svchost.exe
IFEO\FortiFW.exe: [Debugger] svchost.exe
IFEO\FortiProxy.exe: [Debugger] svchost.exe
IFEO\FortiSSLVPNdaemon.exe: [Debugger] svchost.exe
IFEO\FortiTray.exe: [Debugger] svchost.exe
IFEO\FPAVServer.exe: [Debugger] svchost.exe
IFEO\FProtTray.exe: [Debugger] svchost.exe
IFEO\FPWin.exe: [Debugger] svchost.exe
IFEO\freshclam.exe: [Debugger] svchost.exe
IFEO\freshclamwrap.exe: [Debugger] svchost.exe
IFEO\fsgk32.exe: [Debugger] svchost.exe
IFEO\FSHDLL64.exe: [Debugger] svchost.exe
IFEO\fshoster32.exe: [Debugger] svchost.exe
IFEO\FSM32.EXE: [Debugger] svchost.exe
IFEO\FSMA32.EXE: [Debugger] svchost.exe
IFEO\fsorsp.exe: [Debugger] svchost.exe
IFEO\fssm32.exe: [Debugger] svchost.exe
IFEO\GdBgInx64.exe: [Debugger] svchost.exe
IFEO\GDKBFltExe32.exe: [Debugger] svchost.exe
IFEO\GDSC.exe: [Debugger] svchost.exe
IFEO\GDScan.exe: [Debugger] svchost.exe
IFEO\guardxkickoff_x64.exe: [Debugger] svchost.exe
IFEO\guardxservice.exe: [Debugger] svchost.exe
IFEO\iptray.exe: [Debugger] svchost.exe
IFEO\K7AVScan.exe: [Debugger] svchost.exe
IFEO\K7CrvSvc.exe: [Debugger] svchost.exe
IFEO\K7EmlPxy.EXE: [Debugger] svchost.exe
IFEO\K7FWSrvc.exe: [Debugger] svchost.exe
IFEO\K7PSSrvc.exe: [Debugger] svchost.exe
IFEO\K7RTScan.exe: [Debugger] svchost.exe
IFEO\K7SysMon.Exe: [Debugger] svchost.exe
IFEO\K7TSecurity.exe: [Debugger] svchost.exe
IFEO\K7TSMain.exe: [Debugger] svchost.exe
IFEO\K7TSMngr.exe: [Debugger] svchost.exe
IFEO\LittleHook.exe: [Debugger] svchost.exe
IFEO\mbam.exe: [Debugger] svchost.exe
IFEO\mbamscheduler.exe: [Debugger] svchost.exe
IFEO\mbamservice.exe: [Debugger] svchost.exe
IFEO\MCS-Uninstall.exe: [Debugger] svchost.exe
IFEO\MCShieldCCC.exe: [Debugger] svchost.exe
IFEO\MCShieldDS.exe: [Debugger] svchost.exe
IFEO\MCShieldRTM.exe: [Debugger] svchost.exe
IFEO\mergecap.exe: [Debugger] svchost.exe
IFEO\MpCmdRun.exe: [Debugger] svchost.exe
IFEO\MpUXSrv.exe: [Debugger] svchost.exe
IFEO\MSASCui.exe: [Debugger] svchost.exe
IFEO\MsMpEng.exe: [Debugger] svchost.exe
IFEO\MWAGENT.EXE: [Debugger] svchost.exe
IFEO\MWASER.EXE: [Debugger] svchost.exe
IFEO\nanoav.exe: [Debugger] svchost.exe
IFEO\nanosvc.exe: [Debugger] svchost.exe
IFEO\nbrowser.exe: [Debugger] svchost.exe
IFEO\nfservice.exe: [Debugger] svchost.exe
IFEO\NisSrv.exe: [Debugger] svchost.exe
IFEO\njeeves2.exe: [Debugger] svchost.exe
IFEO\nnf.exe: [Debugger] svchost.exe
IFEO\nprosec.exe: [Debugger] svchost.exe
IFEO\NS.exe: [Debugger] svchost.exe
IFEO\nseupdatesvc.exe: [Debugger] svchost.exe
IFEO\nvcod.exe: [Debugger] svchost.exe
IFEO\nvcsvc.exe: [Debugger] svchost.exe
IFEO\nvoy.exe: [Debugger] svchost.exe
IFEO\nwscmon.exe: [Debugger] svchost.exe
IFEO\ONLINENT.EXE: [Debugger] svchost.exe
IFEO\OPSSVC.EXE: [Debugger] svchost.exe
IFEO\op_mon.exe: [Debugger] svchost.exe
IFEO\ProcessHacker.exe: [Debugger] svchost.exe
IFEO\procexp.exe: [Debugger] svchost.exe
IFEO\PSANHost.exe: [Debugger] svchost.exe
IFEO\PSUAMain.exe: [Debugger] svchost.exe
IFEO\PSUAService.exe: [Debugger] svchost.exe
IFEO\psview.exe: [Debugger] svchost.exe
IFEO\PtSessionAgent.exe: [Debugger] svchost.exe
IFEO\PtSvcHost.exe: [Debugger] svchost.exe
IFEO\PtWatchDog.exe: [Debugger] svchost.exe
IFEO\quamgr.exe: [Debugger] svchost.exe
IFEO\QUHLPSVC.EXE: [Debugger] svchost.exe
IFEO\rawshark.exe: [Debugger] svchost.exe
IFEO\SAPISSVC.EXE: [Debugger] svchost.exe
IFEO\SASCore64.exe: [Debugger] svchost.exe
IFEO\SASTask.exe: [Debugger] svchost.exe
IFEO\SBAMSvc.exe: [Debugger] svchost.exe
IFEO\SBAMTray.exe: [Debugger] svchost.exe
IFEO\SBPIMSvc.exe: [Debugger] svchost.exe
IFEO\SCANNER.EXE: [Debugger] svchost.exe
IFEO\SCANWSCS.EXE: [Debugger] svchost.exe
IFEO\schmgr.exe: [Debugger] svchost.exe
IFEO\scproxysrv.exe: [Debugger] svchost.exe
IFEO\ScSecSvc.exe: [Debugger] svchost.exe
IFEO\SDFSSvc.exe: [Debugger] svchost.exe
IFEO\SDScan.exe: [Debugger] svchost.exe
IFEO\SDTray.exe: [Debugger] svchost.exe
IFEO\SDWelcome.exe: [Debugger] svchost.exe
IFEO\SSUpdate64.exe: [Debugger] svchost.exe
IFEO\SUPERAntiSpyware.exe: [Debugger] svchost.exe
IFEO\SUPERDelete.exe: [Debugger] svchost.exe
IFEO\Taskmgr.exe: [Debugger] svchost.exe
IFEO\text2pcap.exe: [Debugger] svchost.exe
IFEO\TRAYICOS.EXE: [Debugger] svchost.exe
IFEO\TRAYSSER.EXE: [Debugger] svchost.exe
IFEO\trigger.exe: [Debugger] svchost.exe
IFEO\tshark.exe: [Debugger] svchost.exe
IFEO\twsscan.exe: [Debugger] svchost.exe
IFEO\twssrv.exe: [Debugger] svchost.exe
IFEO\uiSeAgnt.exe: [Debugger] svchost.exe
IFEO\uiUpdateTray.exe: [Debugger] svchost.exe
IFEO\uiWatchDog.exe: [Debugger] svchost.exe
IFEO\uiWinMgr.exe: [Debugger] svchost.exe
IFEO\UnThreat.exe: [Debugger] svchost.exe
IFEO\UserAccountControlSettings.exe: [Debugger] svchost.exe
IFEO\UserReg.exe: [Debugger] svchost.exe
IFEO\utsvc.exe: [Debugger] svchost.exe
IFEO\V3Main.exe: [Debugger] svchost.exe
IFEO\V3Medic.exe: [Debugger] svchost.exe
IFEO\V3Proxy.exe: [Debugger] svchost.exe
IFEO\V3SP.exe: [Debugger] svchost.exe
IFEO\V3Svc.exe: [Debugger] svchost.exe
IFEO\V3Up.exe: [Debugger] svchost.exe
IFEO\VIEWTCP.EXE: [Debugger] svchost.exe
IFEO\VIPREUI.exe: [Debugger] svchost.exe
IFEO\virusutilities.exe: [Debugger] svchost.exe
IFEO\WebCompanion.exe: [Debugger] svchost.exe
IFEO\wireshark.exe: [Debugger] svchost.exe
IFEO\Zanda.exe: [Debugger] svchost.exe
IFEO\Zlh.exe: [Debugger] svchost.exe
IFEO\zlhh.exe: [Debugger] svchost.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bitmeter2.lnk [2020-01-13]
ShortcutTarget: Bitmeter2.lnk -> C:\Program Files (x86)\Codebox\BitMeter\BitMeter2.exe () [File not signed]
InternetURL: C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IyJtAZtWgF.url -> URL: "file:///C:\ProgramData\TePmHeashU\svchost.exe"
Startup: C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2020-02-29]
ShortcutTarget: MEGAsync.lnk -> C:\Users\Lenovo\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)
Startup: C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\One Calendar.lnk [2020-03-13]
ShortcutTarget: One Calendar.lnk -> (No File)
Startup: C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\One Task.lnk [2020-03-13]
ShortcutTarget: One Task.lnk -> (No File)
Startup: C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\syncthing.exe – zástupce.lnk [2020-03-09]
ShortcutTarget: syncthing.exe – zástupce.lnk -> C:\Program Files\Syncthing\syncthing-windows-amd64-v1.2.1\syncthing.exe (Kastelo AB -> )
Startup: C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Vista.ini.lnk [2020-05-18]
ShortcutTarget: Vista.ini.lnk -> C:\Users\Lenovo\AppData\Vista.js () [File not signed]

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {029293AC-5946-4948-9534-A54B47F345D5} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {10BB8719-F4F5-4CDD-96BD-36EAF11734E2} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-05-01] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {155A9008-17E0-4D6A-BD0E-901E98278445} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3022416 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {19507FD4-2017-469D-B214-86497FC0BB41} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-760426430-1322398698-3842268529-1001 => C:\Users\Lenovo\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe
Task: {23FA26BB-C039-4F85-A5B3-F0136F87928D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.6-0\MpCmdRun.exe [480272 2020-03-20] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2F335A4F-80E8-4411-93C8-E5FE62321694} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-28] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {385DC512-6B48-450A-9A0D-FCFA9AAFF7F5} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913720 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3B214E58-39E1-4C7C-BE90-A66AB50B9BB9} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-28] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3B3A6579-E11F-4DAF-A365-9096252B8E14} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {44AFAA77-0F1A-4E28-857C-C180BC35E62F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {51468BEE-AC0A-4A49-BCCC-4D736A590B9E} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [654456 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5846F0E5-0884-470C-BD0B-F6BF74C3B9B8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.6-0\MpCmdRun.exe [480272 2020-03-20] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5C4D55AE-D06D-45BC-A96C-44BDE8187243} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.6-0\MpCmdRun.exe [480272 2020-03-20] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6D2C3372-83D8-494D-A1FE-B15D0454D774} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [23571128 2020-05-01] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {766E348E-5F74-438F-9D66-D5C8B72E952C} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913720 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {78009D8F-5624-421B-8AFA-5E2E8FA413A0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-12-10] (Google Inc -> Google LLC)
Task: {85319050-528F-4B2F-80A6-044395A733E9} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {983C1DF4-D772-4280-9DB2-B6698167FE3E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-12-10] (Google Inc -> Google LLC)
Task: {BA1E06EA-A545-437B-B4DE-AA82D3DCCF52} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files (x86)\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [2734968 2020-05-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {C03BB4C7-0B1B-4775-8E95-0D1F1859E7DE} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301928 2019-10-25] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CC22BB48-95E3-43D5-97E9-B9A3DE77D9AB} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133368 2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DE2AA4F3-D094-4B05-A85E-FE8DFD096B93} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.6-0\MpCmdRun.exe [480272 2020-03-20] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {EB81E3CB-AB5A-4AFD-A222-C7C96480FA00} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [.DEFAULT] => Proxy is enabled.
ProxyServer: [.DEFAULT] => 127.0.0.1:8080
ProxyEnable: [S-1-5-19] => Proxy is enabled.
ProxyServer: [S-1-5-19] => 127.0.0.1:8080
ProxyEnable: [S-1-5-20] => Proxy is enabled.
ProxyServer: [S-1-5-20] => 127.0.0.1:8080
ProxyEnable: [S-1-5-21-760426430-1322398698-3842268529-1001] => Proxy is enabled.
ProxyServer: [S-1-5-21-760426430-1322398698-3842268529-1001] => 127.0.0.1:8080
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-31] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-31] (Apple Inc. -> Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{492b48f8-e2f8-4dbb-99e5-140c600e4a94}: [DhcpNameServer] 192.168.150.237 192.168.3.1
Tcpip\..\Interfaces\{d22bb9ac-ab75-40ee-9000-0d9611b37417}: [DhcpNameServer] 192.168.0.1
ManualProxies: 1127.0.0.1:8080

Internet Explorer:
==================
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/cs-cz/?ocid=iehp
BHO: Soda PDF Desktop 11 Helper -> {9703de71-ce0d-11e8-9c83-40167e6e7313} -> C:\Program Files\Soda PDF Desktop 11\creator\plugins\IEAddin\creator-ie-helper.dll [2019-01-21] (LULU Software -> LULU Software)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\ssv.dll [2020-04-17] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Soda PDF Desktop 11 Helper -> {9703de71-ce0d-11e8-9c83-40167e6e7313} -> C:\Program Files (x86)\Soda PDF Desktop 11\creator\plugins\IEAddin\creator-ie-helper.dll [2019-01-21] (LULU Software -> LULU Software)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\jp2ssv.dll [2020-04-17] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Soda PDF Desktop 11 Toolbar - {970516f0-ce0d-11e8-8baa-40167e6e7313} - C:\Program Files\Soda PDF Desktop 11\creator\plugins\IEAddin\creator-ie-plugin.dll [2019-01-21] (LULU Software -> LULU Software)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Soda PDF Desktop 11 Toolbar - {970516f0-ce0d-11e8-8baa-40167e6e7313} - C:\Program Files (x86)\Soda PDF Desktop 11\creator\plugins\IEAddin\creator-ie-plugin.dll [2019-01-21] (LULU Software -> LULU Software)
IE Session Restore: HKU\S-1-5-21-760426430-1322398698-3842268529-1001 -> is enabled.

Edge:
======
DownloadDir: C:\Users\Lenovo\Downloads

FireFox:
========
FF DefaultProfile: v8ckfixm.default
FF ProfilePath: C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\v8ckfixm.default [2020-05-16]
FF ProfilePath: C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\tgjsky57.default-release [2020-05-18]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2020-02-04]
FF HKLM\...\Firefox\Extensions: [soda_pdf_desktop_11_conv_v.4@sodapdf.com] - C:\Program Files\Soda PDF Desktop 11\creator\plugins\FirefoxAddin\soda_pdf_desktop_11_conv_v.4@sodapdf.com.xpi
FF Extension: (Soda PDF Desktop 11 Creator) - C:\Program Files\Soda PDF Desktop 11\creator\plugins\FirefoxAddin\soda_pdf_desktop_11_conv_v.4@sodapdf.com.xpi [2019-01-17]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF HKLM-x32\...\Firefox\Extensions: [soda_pdf_desktop_11_conv_v.4@sodapdf.com] - C:\Program Files\Soda PDF Desktop 11\creator\plugins\FirefoxAddin\soda_pdf_desktop_11_conv_v.4@sodapdf.com.xpi
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2019-09-27] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.251.2 -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\dtplugin\npDeployJava1.dll [2020-04-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.251.2 -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\plugin2\npjp2.dll [2020-04-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2020-05-04] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-04] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2019-09-27] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: Soda PDF Desktop 11 -> C:\Program Files (x86)\Soda PDF Desktop 11\np-previewer.dll [2019-01-21] (LULU Software -> LULU Software)

Chrome:
=======
CHR Profile: C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default [2020-05-18]
CHR Notifications: Default -> hxxps://aukro.cz; hxxps://calendar.google.com; hxxps://drive.google.com; hxxps://fastshare.cz; hxxps://www.namaximum.cz
CHR HomePage: Default -> hxxp://www.google.cz/
CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxp://www.google.com ... oogle.com/"
CHR Session Restore: Default -> is enabled.
CHR Extension: (Prezentace) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-12-10]
CHR Extension: (Dokumenty) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-12-10]
CHR Extension: (Disk Google) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-12-10]
CHR Extension: (YouTube) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-12-10]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-04-08]
CHR Extension: (Click to Tab) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ebicmkkcnhdiglneianohfjapmanjoek [2020-03-15]
CHR Extension: (Adobe Acrobat) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-02-28]
CHR Extension: (Feedly Notifier) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\egikgfbhipinieabdmcpigejkaomgjgb [2020-04-21]
CHR Extension: (Tabulky) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-12-10]
CHR Extension: (Save as Shortcut) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\flehofiklehmnnolpjcamplcnmhgcbkk [2019-12-10]
CHR Extension: (Dokumenty Google offline) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-04-28]
CHR Extension: (Inoreader - RSS, News and Social Reader) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhglljfmpijadbpkalkclnhlncncdono [2019-12-10]
CHR Extension: (Tab Activate) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlmadbnpnnolpaljadgakjilggigioaj [2020-03-15]
CHR Extension: (Save as PDF) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpdjmbiefanbdgnkcikhllpmjnnllbbc [2019-12-10]
CHR Extension: (gLinks) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\leanhbopikglhiejeckmchmobphcpphm [2019-12-10]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2019-12-10]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-12-10]
CHR Extension: (Gmail) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-12-10]
CHR Extension: (Chrome Media Router) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-28]
CHR HKU\S-1-5-21-760426430-1322398698-3842268529-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo]
CHR HKU\S-1-5-21-760426430-1322398698-3842268529-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-31] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
R2 478A5347; C:\ProgramData\478A5347\B79C6115.dll [1117696 2020-05-16] () [File not signed]
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [823352 2019-09-27] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3374160 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3103824 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AtomicAlarmClock; C:\Program Files\Free Desktop Clock\timeserv.exe [2007040 2013-04-24] () [File not signed]
R2 CAMService; C:\Program Files\NZXT CAM\resources\app.asar.unpacked\node_modules\@nzxt\rust-cam\dist\native\target\release\service.exe [553600 2020-04-01] (NZXT, Inc. -> )
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-07] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
S3 FileSyncHelper; C:\Program Files (x86)\Microsoft OneDrive\FileSyncHelper.exe [2150248 2020-05-12] (Microsoft Corporation -> Microsoft Corporation)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [81280 2019-12-27] (Mixbyte Inc -> Freemake)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2020-01-15] (FUTUREMARK INC -> Futuremark)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2019-12-27] (Huawei Technologies Co., Ltd. -> ) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [337888 2016-05-04] (Intel(R) pGFX -> Intel Corporation)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-03-13] (Malwarebytes Inc -> Malwarebytes)
S3 NETGEARGenieDaemon; C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [233456 2017-07-04] (Netgear Incorporated -> NETGEAR)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-28] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-09-28] (NVIDIA Corporation -> NVIDIA Corporation)
S3 OneDrive Updater Service; C:\Program Files (x86)\Microsoft OneDrive\OneDriveUpdaterService.exe [2509688 2020-05-12] (Microsoft Corporation -> Microsoft Corporation)
R3 Soda PDF Desktop 11; C:\Program Files\Soda PDF Desktop 11\ws.exe [2465096 2019-01-21] (LULU Software -> LULU Software)
R2 Soda PDF Desktop 11 Creator; C:\Program Files\Soda PDF Desktop 11\creator\common\creator-ws.exe [720200 2019-01-21] (LULU Software -> LULU Software)
R2 Soda PDF Desktop 11 Update Service; C:\Program Files\Soda PDF Desktop 11\updater-ws.exe [1764680 2019-01-21] (LULU Software -> LULU Software)
R2 SpyEmrgHealth; C:\Program Files\NETGATE\Spy Emergency\SpyEmergencyHealth.exe [378568 2019-11-16] (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.)
R2 SpyEmrgSrv; C:\Program Files\NETGATE\Spy Emergency\SpyEmergencySrv.exe [3315400 2019-11-16] (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.)
R2 TermService; C:\Windows\branding\mediasrv.png [56320 2014-11-11] (important) [File not signed] <==== ATTENTION (no ServiceDLL)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.6-0\NisSrv.exe [3294680 2020-03-20] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\Video Converter Ultimate(CPC)\Transfer\DriverInstall.exe [112560 2020-03-25] (Wondershare Technology Co.,Ltd -> Wondershare)
S3 wuauserv; C:\Windows\system32\svchost.exe [53744 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 wuauserv; C:\Windows\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2019-12-27] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 L1C; C:\Windows\System32\drivers\L1C63x64.sys [121344 2019-03-19] (Microsoft Windows -> Qualcomm Atheros Co., Ltd.)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [20936 2020-03-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R2 NPF; C:\WINDOWS\system32\drivers\npf.sys [35344 2020-01-02] (CACE Technologies, Inc. -> CACE Technologies, Inc.)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvltwu.inf_amd64_0221ce4ec0827f74\nvlddmkm.sys [14190520 2017-01-17] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-07-23] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [69840 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [75600 2019-08-23] (NVIDIA Corporation -> NVIDIA Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SpyEmrg; C:\Windows\System32\Drivers\spyemrg.sys [17608 2019-11-16] (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.)
S3 SpyEmrgAccess; C:\Windows\System32\Drivers\spyemrg_access.sys [24776 2019-11-16] (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.)
R3 SpyEmrgGuard; C:\Windows\System32\Drivers\spyemrg_guard.sys [19656 2019-11-16] (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.)
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [648872 2015-09-03] (Microsoft Windows Hardware Compatibility Publisher -> Vimicro Corporation)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [45960 2020-03-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [391392 2020-03-20] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [59104 2020-03-20] (Microsoft Windows -> Microsoft Corporation)
S0 fltsrv; system32\DRIVERS\fltsrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-05-18 21:09 - 2020-05-18 21:10 - 000044485 _____ C:\Users\Lenovo\Desktop\FRST.txt
2020-05-18 21:04 - 2020-05-18 21:05 - 000061125 _____ C:\Users\Lenovo\Desktop\Addition.txt
2020-05-18 20:13 - 2020-05-18 20:17 - 000000000 ____D C:\AdwCleaner
2020-05-18 20:13 - 2020-05-18 20:13 - 008196784 _____ (Malwarebytes) C:\Users\Lenovo\Desktop\adwcleaner_8.0.4.exe
2020-05-18 20:13 - 2020-05-18 20:13 - 001980016 _____ (Malwarebytes) C:\Users\Lenovo\Downloads\MBSetup.exe
2020-05-18 19:50 - 2020-05-18 21:09 - 000000000 ____D C:\Users\Lenovo\AppData\LocalLow\uTorrent
2020-05-18 19:15 - 2020-05-18 19:16 - 000060985 _____ C:\Users\Lenovo\Downloads\Addition.txt
2020-05-18 19:14 - 2020-05-18 19:16 - 000059230 _____ C:\Users\Lenovo\Downloads\FRST.txt
2020-05-18 19:13 - 2020-05-18 21:10 - 000000000 ____D C:\FRST
2020-05-18 19:13 - 2020-05-18 19:13 - 002286080 _____ (Farbar) C:\Users\Lenovo\Desktop\FRST64.exe
2020-05-18 17:54 - 2020-05-18 17:54 - 000000000 ____D C:\rsit
2020-05-18 17:54 - 2020-05-18 17:54 - 000000000 ____D C:\Program Files\trend micro
2020-05-18 17:53 - 2020-05-18 17:53 - 001222144 _____ C:\Users\Lenovo\Downloads\RSITx64.exe
2020-05-18 12:43 - 2020-05-18 12:43 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\rfxvmt.dll
2020-05-18 12:39 - 2020-05-18 12:40 - 002667520 _____ (Icons8-Ios7-Household-Mouse-Trap-Mouse may) C:\Users\Public\signed.exe
2020-05-17 19:24 - 2020-05-17 22:38 - 000000000 ____D C:\Users\Lenovo\AppData\Local\Opera Software
2020-05-17 19:23 - 2020-05-17 22:38 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Opera Software
2020-05-17 19:22 - 2020-05-17 19:22 - 000000897 _____ C:\Users\Lenovo\Desktop\µTorrent.lnk
2020-05-17 13:14 - 2020-05-17 13:14 - 000007413 _____ C:\Users\Lenovo\AppData\Roaming\ID.js
2020-05-16 20:39 - 2020-05-18 21:07 - 000000000 ____D C:\ProgramData\478A5347
2020-05-16 20:38 - 2020-05-16 20:38 - 001119232 _____ C:\Users\Lenovo\AppData\Roaming\notepad.exe
2020-05-16 14:29 - 2020-05-18 21:07 - 000000646 _____ C:\Windows\SysWOW64\test.txt
2020-05-16 13:35 - 2020-05-16 14:30 - 000002030 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
2020-05-16 09:42 - 2020-05-16 09:42 - 000001060 _____ C:\Users\Public\Desktop\HiSuite.lnk
2020-05-16 09:42 - 2020-05-16 09:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HiSuite
2020-05-16 09:41 - 2020-05-16 09:42 - 000000000 ____D C:\Program Files (x86)\HiSuite
2020-05-15 14:00 - 2020-05-15 14:00 - 000490846 _____ C:\Users\Lenovo\AppData\Roaming\oicxmzkagb.txt
2020-05-15 13:51 - 2020-05-15 13:51 - 000490846 _____ C:\Users\Lenovo\AppData\Roaming\jbghuhqrms.txt
2020-05-15 13:51 - 2020-05-15 13:51 - 000000000 ___HD C:\Users\Lenovo\PTCVWyAJvEp
2020-05-15 13:51 - 2020-05-15 13:51 - 000000000 ____D C:\Users\Lenovo\fUTkALeaTxM
2020-05-15 13:51 - 2020-05-15 13:51 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Oracle
2020-05-15 08:46 - 2020-05-15 08:46 - 000001216 _____ C:\Users\Lenovo\Desktop\MemTest64.exe – zástupce.lnk
2020-05-14 17:35 - 2020-05-17 13:14 - 000007413 _____ C:\Users\Lenovo\AppData\Vista.js
2020-05-14 17:15 - 2020-05-14 17:15 - 000000000 ____D C:\Wondershare UniConverter
2020-05-14 17:15 - 2020-05-14 17:15 - 000000000 ____D C:\Program Files (x86)\WondershareUpdate
2020-05-14 17:13 - 2020-05-15 13:56 - 000000000 ____D C:\Users\Lenovo\AppData\Local\Wondershare
2020-05-14 17:13 - 2020-05-15 13:55 - 000000000 ____D C:\ProgramData\Wondershare
2020-05-14 17:13 - 2020-05-15 13:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2020-05-14 17:13 - 2020-05-15 13:55 - 000000000 ____D C:\Program Files (x86)\Wondershare
2020-05-14 17:13 - 2020-05-14 17:13 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\TransferSupport
2020-05-14 17:13 - 2020-05-14 17:13 - 000000000 ____D C:\ProgramData\Wondershare MediaServer
2020-05-14 17:13 - 2020-05-14 17:13 - 000000000 ____D C:\ProgramData\GraphicsType
2020-05-14 17:10 - 2020-05-15 13:56 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2020-05-13 11:46 - 2020-05-13 12:15 - 002147131 _____ C:\Users\Lenovo\Desktop\Karlův moučník.odt
2020-05-12 21:52 - 2020-05-12 21:52 - 000000000 ___HD C:\OneDriveTemp
2020-05-12 15:02 - 2020-05-15 08:36 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\AIMP
2020-05-12 15:02 - 2020-05-12 15:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP
2020-05-12 15:02 - 2020-05-12 15:02 - 000000000 ____D C:\Program Files (x86)\AIMP
2020-05-11 14:37 - 2020-05-11 14:50 - 000921440 _____ C:\Users\Lenovo\Desktop\Nepečený pamlsek.odt
2020-05-10 14:51 - 2020-05-10 15:40 - 000000000 ____D C:\Users\Lenovo\Documents\HiSuite
2020-05-10 14:51 - 2020-05-10 14:51 - 000000000 ____D C:\Users\Lenovo\.android
2020-05-10 14:50 - 2020-05-16 09:41 - 000000000 ____D C:\Users\Lenovo\AppData\Local\HiSuite
2020-05-10 14:50 - 2019-12-27 04:18 - 002152176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFUpdate_01009.dll
2020-05-10 14:50 - 2019-12-27 04:18 - 001721576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfCoInstaller01009.dll
2020-05-10 14:50 - 2019-12-27 04:18 - 001002728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winusbcoinstaller2.dll
2020-05-10 14:50 - 2019-12-27 04:18 - 000287232 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\hw_quusbnet.sys
2020-05-10 14:50 - 2019-12-27 04:18 - 000226560 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\hw_quusbmdm.sys
2020-05-10 14:50 - 2019-12-27 04:18 - 000127360 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\hw_cdcacm.sys
2020-05-10 14:50 - 2019-12-27 04:18 - 000116864 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\hw_usbdev.sys
2020-05-10 14:50 - 2019-12-27 04:18 - 000018944 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_usbccgpfilter.sys
2020-05-08 00:48 - 2020-05-06 22:52 - 000177620 _____ C:\Users\Lenovo\AppData\Roaming\windowsupdate
2020-05-02 07:26 - 2020-05-02 07:27 - 000000000 ____D C:\Users\Lenovo\Desktop\FreemakeVideoDownloader_3.8.3.5
2020-05-01 19:49 - 2020-05-01 21:49 - 000000000 ____D C:\Users\Lenovo\Desktop\MemTest86.8.3
2020-05-01 19:18 - 2020-05-13 07:04 - 000000000 ____D C:\Users\Lenovo\Desktop\Freemake Video Converter 4.1.10.491 Multilingual
2020-04-28 23:46 - 2020-05-15 16:54 - 000000000 ____D C:\Windows\Minidump

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-05-18 21:10 - 2020-01-13 23:38 - 000000000 ____D C:\ProgramData\Bitmeter2
2020-05-18 21:09 - 2019-12-15 04:11 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\uTorrent
2020-05-18 21:09 - 2019-11-27 19:51 - 000000000 ____D C:\ProgramData\NVIDIA
2020-05-18 21:07 - 2020-01-02 23:10 - 000000000 ____D C:\Users\Lenovo\AppData\Local\NETGEARGenie
2020-05-18 21:07 - 2019-12-15 04:12 - 000000000 ____D C:\Users\Lenovo\AppData\Local\BitTorrentHelper
2020-05-18 21:07 - 2019-12-12 05:26 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-05-18 21:07 - 2019-11-27 20:03 - 000000000 __SHD C:\Users\Lenovo\IntelGraphicsProfiles
2020-05-18 21:07 - 2019-11-27 19:47 - 000000000 ___RD C:\Users\Lenovo\OneDrive
2020-05-18 21:07 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-05-18 21:06 - 2019-03-19 06:37 - 001572864 _____ C:\Windows\system32\config\BBI
2020-05-18 21:01 - 2019-03-19 13:55 - 000718198 _____ C:\Windows\system32\perfh005.dat
2020-05-18 21:01 - 2019-03-19 13:55 - 000145242 _____ C:\Windows\system32\perfc005.dat
2020-05-18 21:01 - 2019-03-19 06:50 - 000000000 ____D C:\Windows\INF
2020-05-18 21:01 - 2016-04-27 08:54 - 001693640 _____ C:\Windows\system32\PerfStringBackup.INI
2020-05-18 17:50 - 2020-03-07 20:29 - 000000000 ____D C:\Users\Lenovo\AppData\Local\Syncthing
2020-05-18 17:48 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\LiveKernelReports
2020-05-18 15:36 - 2020-02-22 01:45 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-05-18 12:43 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\Branding
2020-05-18 09:18 - 2019-12-12 05:08 - 000000000 ____D C:\Windows\system32\SleepStudy
2020-05-17 22:37 - 2020-01-04 04:37 - 000004210 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-05-17 19:22 - 2019-12-15 04:11 - 000000877 _____ C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2020-05-17 02:30 - 2019-11-27 20:24 - 000000000 ____D C:\Users\Lenovo\AppData\Local\LenovoServiceBridge
2020-05-16 14:29 - 2019-12-10 19:45 - 000000000 ___RD C:\Users\Lenovo\Disk Google
2020-05-16 13:36 - 2020-03-17 12:47 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
2020-05-16 13:35 - 2020-03-28 06:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2020-05-15 21:57 - 2020-03-29 08:16 - 000000000 ____D C:\Users\Lenovo\Documents\D O K L A D Y
2020-05-15 14:04 - 2019-12-15 09:38 - 000000000 ___RD C:\Users\Lenovo\Desktop\Zástupci
2020-05-15 14:01 - 2020-01-04 11:47 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Wondershare
2020-05-15 13:51 - 2019-12-12 05:20 - 000000000 ____D C:\Users\Lenovo
2020-05-15 12:31 - 2020-02-21 20:20 - 000002114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2020-05-15 12:31 - 2020-02-21 20:20 - 000002103 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2020-05-15 08:37 - 2019-12-12 05:08 - 000497896 _____ C:\Windows\system32\FNTCACHE.DAT
2020-05-15 08:36 - 2019-12-30 19:38 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Mp3tag
2020-05-15 08:36 - 2019-12-30 19:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
2020-05-15 08:36 - 2019-12-30 19:37 - 000000000 ____D C:\Program Files (x86)\Mp3tag
2020-05-14 17:27 - 2019-12-12 07:47 - 000000000 ____D C:\Users\Lenovo\AppData\Local\PlaceholderTileLogoFolder
2020-05-14 11:22 - 2020-03-16 05:00 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-05-13 07:06 - 2019-12-11 01:15 - 000000000 ____D C:\Program Files (x86)\Microsoft OneDrive
2020-05-12 21:52 - 2019-12-12 05:26 - 000003206 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2020-05-12 21:52 - 2019-12-11 01:15 - 000002172 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-05-11 17:30 - 2019-12-30 19:06 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\audacity
2020-05-10 15:28 - 2020-03-31 03:37 - 000000000 ____D C:\ProgramData\TePmHeashU
2020-05-06 01:27 - 2019-12-10 18:23 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-05-04 02:13 - 2020-01-23 11:23 - 000366360 _____ (Microsoft Corporation) C:\Windows\system32\vccorlib140.dll
2020-05-04 02:13 - 2019-06-20 03:27 - 000333592 _____ (Microsoft Corporation) C:\Windows\system32\concrt140.dll
2020-05-04 02:13 - 2019-06-20 03:27 - 000203544 _____ (Microsoft Corporation) C:\Windows\system32\msvcp140_2.dll
2020-05-04 02:13 - 2019-06-20 03:27 - 000031512 _____ (Microsoft Corporation) C:\Windows\system32\msvcp140_1.dll
2020-05-03 17:13 - 2019-06-20 03:27 - 000044312 _____ (Microsoft Corporation) C:\Windows\system32\vcruntime140_1.dll
2020-05-03 17:13 - 2019-06-20 03:27 - 000027416 _____ (Microsoft Corporation) C:\Windows\system32\msvcp140_codecvt_ids.dll
2020-04-28 16:55 - 2019-12-28 01:17 - 000000000 ____D C:\Program Files (x86)\Java
2020-04-21 21:56 - 2019-12-15 05:18 - 000000000 ____D C:\Users\Public\Documents\Winstep
2020-04-21 00:57 - 2020-02-29 13:36 - 000000000 ___RD C:\Users\Lenovo\Documents\MEGA

==================== Files in the root of some directories ========

2020-05-18 12:39 - 2020-05-18 12:40 - 002667520 _____ (Icons8-Ios7-Household-Mouse-Trap-Mouse may) C:\Users\Public\signed.exe
2019-12-11 08:41 - 2020-01-02 17:50 - 000000132 _____ () C:\Users\Lenovo\AppData\Roaming\Adobe PNG Format CS6 Prefs
2020-04-01 08:32 - 2020-04-01 08:32 - 000004433 _____ () C:\Users\Lenovo\AppData\Roaming\for.js
2020-05-17 13:14 - 2020-05-17 13:14 - 000007413 _____ () C:\Users\Lenovo\AppData\Roaming\ID.js
2020-05-15 13:51 - 2020-05-15 13:51 - 000490846 _____ () C:\Users\Lenovo\AppData\Roaming\jbghuhqrms.txt
2020-05-16 20:38 - 2020-05-16 20:38 - 001119232 _____ () C:\Users\Lenovo\AppData\Roaming\notepad.exe
2020-05-15 14:00 - 2020-05-15 14:00 - 000490846 _____ () C:\Users\Lenovo\AppData\Roaming\oicxmzkagb.txt
2020-03-30 14:27 - 2020-03-30 14:27 - 139261152 _____ (Wondershare Software ) C:\Users\Lenovo\AppData\Roaming\video-converter-ultimate_full495.exe
2020-05-08 00:48 - 2020-05-06 22:52 - 000177620 _____ () C:\Users\Lenovo\AppData\Roaming\windowsupdate
2020-02-21 19:38 - 2020-02-21 19:38 - 000000410 _____ () C:\Users\Lenovo\AppData\Local\oobelibMkey.log
2019-11-27 20:29 - 2019-11-27 20:29 - 000007605 _____ () C:\Users\Lenovo\AppData\Local\Resmon.ResmonCfg
2020-03-24 00:49 - 2020-03-24 00:49 - 000201521 _____ () C:\Users\Lenovo\AppData\Local\tmp.tmp
2020-03-13 21:38 - 2020-03-13 21:38 - 000893608 _____ (AutoIt Team) C:\Users\Lenovo\AppData\Local\wintmp.exe

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

[Rudy]

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
C:\ProgramData\478A5347
C:\Users\Lenovo\AppData\Local\Temp
AlternateDataStreams: C:\ProgramData\TEMP:9A870F8B [268]
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646776 2020-03-12] (Oracle America, Inc. -> Oracle Corporation)
HKLM\Software\Policies\Microsoft\Windows NT\SystemRestore: [DisableSR/DisableConfig] <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\Run: [Nexus] => [X]
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\MountPoints2: {286bab2a-9206-11ea-b900-1c3e84e103cc} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\MountPoints2: {286bad11-9206-11ea-b900-1c3e84e103cc} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\MountPoints2: {617a45cc-77be-11ea-b8fb-1c3e84e103cc} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\MountPoints2: {ef0c3d1e-92c1-11ea-b901-1c3e84e103cc} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\MountPoints2: {f00e25ed-4d2a-11ea-b8e0-1c3e84e103cc} - "E:\HiSuiteDownLoader.exe"
IFEO\acs.exe: [Debugger] svchost.exe
IFEO\AdAwareDesktop.exe: [Debugger] svchost.exe
IFEO\AdAwareService.exe: [Debugger] svchost.exe
IFEO\AdAwareTray.exe: [Debugger] svchost.exe
IFEO\AgentSvc.exe: [Debugger] svchost.exe
IFEO\AVK.exe: [Debugger] svchost.exe
IFEO\AVKProxy.exe: [Debugger] svchost.exe
IFEO\AVKService.exe: [Debugger] svchost.exe
IFEO\AVKTray.exe: [Debugger] svchost.exe
IFEO\AVKWCtlx64.exe: [Debugger] svchost.exe
IFEO\avpmapp.exe: [Debugger] svchost.exe
IFEO\av_task.exe: [Debugger] svchost.exe
IFEO\Bav.exe: [Debugger] svchost.exe
IFEO\bavhm.exe: [Debugger] svchost.exe
IFEO\BavSvc.exe: [Debugger] svchost.exe
IFEO\BavTray.exe: [Debugger] svchost.exe
IFEO\BavUpdater.exe: [Debugger] svchost.exe
IFEO\BavWebClient.exe: [Debugger] svchost.exe
IFEO\BDSSVC.EXE: [Debugger] svchost.exe
IFEO\BgScan.exe: [Debugger] svchost.exe
IFEO\BullGuard.exe: [Debugger] svchost.exe
IFEO\BullGuardBhvScanner.exe: [Debugger] svchost.exe
IFEO\BullGuardUpdate.exe: [Debugger] svchost.exe
IFEO\BullGuarScanner.exe: [Debugger] svchost.exe
IFEO\capinfos.exe: [Debugger] svchost.exe
IFEO\cavwp.exe: [Debugger] svchost.exe
IFEO\CertReg.exe: [Debugger] svchost.exe
IFEO\cis.exe: [Debugger] svchost.exe
IFEO\CisTray.exe: [Debugger] svchost.exe
IFEO\clamscan.exe: [Debugger] svchost.exe
IFEO\ClamTray.exe: [Debugger] svchost.exe
IFEO\ClamWin.exe: [Debugger] svchost.exe
IFEO\cmdagent.exe: [Debugger] svchost.exe
IFEO\ConfigSecurityPolicy.exe: [Debugger] svchost.exe
IFEO\CONSCTLX.EXE: [Debugger] svchost.exe
IFEO\coreFrameworkHost.exe: [Debugger] svchost.exe
IFEO\coreServiceShell.exe: [Debugger] svchost.exe
IFEO\dragon_updater.exe: [Debugger] svchost.exe
IFEO\dumpcap.exe: [Debugger] svchost.exe
IFEO\econceal.exe: [Debugger] svchost.exe
IFEO\econser.exe: [Debugger] svchost.exe
IFEO\editcap.exe: [Debugger] svchost.exe
IFEO\EMLPROXY.EXE: [Debugger] svchost.exe
IFEO\escanmon.exe: [Debugger] svchost.exe
IFEO\escanpro.exe: [Debugger] svchost.exe
IFEO\fcappdb.exe: [Debugger] svchost.exe
IFEO\FCDBlog.exe: [Debugger] svchost.exe
IFEO\FCHelper64.exe: [Debugger] svchost.exe
IFEO\FilMsg.exe: [Debugger] svchost.exe
IFEO\FilUp.exe: [Debugger] svchost.exe
IFEO\filwscc.exe: [Debugger] svchost.exe
IFEO\fmon.exe: [Debugger] svchost.exe
IFEO\FortiClient.exe: [Debugger] svchost.exe
IFEO\FortiClient_Diagnostic_Tool.exe: [Debugger] svchost.exe
IFEO\FortiESNAC.exe: [Debugger] svchost.exe
IFEO\FortiFW.exe: [Debugger] svchost.exe
IFEO\FortiProxy.exe: [Debugger] svchost.exe
IFEO\FortiSSLVPNdaemon.exe: [Debugger] svchost.exe
IFEO\FortiTray.exe: [Debugger] svchost.exe
IFEO\FPAVServer.exe: [Debugger] svchost.exe
IFEO\FProtTray.exe: [Debugger] svchost.exe
IFEO\FPWin.exe: [Debugger] svchost.exe
IFEO\freshclam.exe: [Debugger] svchost.exe
IFEO\freshclamwrap.exe: [Debugger] svchost.exe
IFEO\fsgk32.exe: [Debugger] svchost.exe
IFEO\FSHDLL64.exe: [Debugger] svchost.exe
IFEO\fshoster32.exe: [Debugger] svchost.exe
IFEO\FSM32.EXE: [Debugger] svchost.exe
IFEO\FSMA32.EXE: [Debugger] svchost.exe
IFEO\fsorsp.exe: [Debugger] svchost.exe
IFEO\fssm32.exe: [Debugger] svchost.exe
IFEO\GdBgInx64.exe: [Debugger] svchost.exe
IFEO\GDKBFltExe32.exe: [Debugger] svchost.exe
IFEO\GDSC.exe: [Debugger] svchost.exe
IFEO\GDScan.exe: [Debugger] svchost.exe
IFEO\guardxkickoff_x64.exe: [Debugger] svchost.exe
IFEO\guardxservice.exe: [Debugger] svchost.exe
IFEO\iptray.exe: [Debugger] svchost.exe
IFEO\K7AVScan.exe: [Debugger] svchost.exe
IFEO\K7CrvSvc.exe: [Debugger] svchost.exe
IFEO\K7EmlPxy.EXE: [Debugger] svchost.exe
IFEO\K7FWSrvc.exe: [Debugger] svchost.exe
IFEO\K7PSSrvc.exe: [Debugger] svchost.exe
IFEO\K7RTScan.exe: [Debugger] svchost.exe
IFEO\K7SysMon.Exe: [Debugger] svchost.exe
IFEO\K7TSecurity.exe: [Debugger] svchost.exe
IFEO\K7TSMain.exe: [Debugger] svchost.exe
IFEO\K7TSMngr.exe: [Debugger] svchost.exe
IFEO\LittleHook.exe: [Debugger] svchost.exe
IFEO\mbam.exe: [Debugger] svchost.exe
IFEO\mbamscheduler.exe: [Debugger] svchost.exe
IFEO\mbamservice.exe: [Debugger] svchost.exe
IFEO\MCS-Uninstall.exe: [Debugger] svchost.exe
IFEO\MCShieldCCC.exe: [Debugger] svchost.exe
IFEO\MCShieldDS.exe: [Debugger] svchost.exe
IFEO\MCShieldRTM.exe: [Debugger] svchost.exe
IFEO\mergecap.exe: [Debugger] svchost.exe
IFEO\MpCmdRun.exe: [Debugger] svchost.exe
IFEO\MpUXSrv.exe: [Debugger] svchost.exe
IFEO\MSASCui.exe: [Debugger] svchost.exe
IFEO\MsMpEng.exe: [Debugger] svchost.exe
IFEO\MWAGENT.EXE: [Debugger] svchost.exe
IFEO\MWASER.EXE: [Debugger] svchost.exe
IFEO\nanoav.exe: [Debugger] svchost.exe
IFEO\nanosvc.exe: [Debugger] svchost.exe
IFEO\nbrowser.exe: [Debugger] svchost.exe
IFEO\nfservice.exe: [Debugger] svchost.exe
IFEO\NisSrv.exe: [Debugger] svchost.exe
IFEO\njeeves2.exe: [Debugger] svchost.exe
IFEO\nnf.exe: [Debugger] svchost.exe
IFEO\nprosec.exe: [Debugger] svchost.exe
IFEO\NS.exe: [Debugger] svchost.exe
IFEO\nseupdatesvc.exe: [Debugger] svchost.exe
IFEO\nvcod.exe: [Debugger] svchost.exe
IFEO\nvcsvc.exe: [Debugger] svchost.exe
IFEO\nvoy.exe: [Debugger] svchost.exe
IFEO\nwscmon.exe: [Debugger] svchost.exe
IFEO\ONLINENT.EXE: [Debugger] svchost.exe
IFEO\OPSSVC.EXE: [Debugger] svchost.exe
IFEO\op_mon.exe: [Debugger] svchost.exe
IFEO\ProcessHacker.exe: [Debugger] svchost.exe
IFEO\procexp.exe: [Debugger] svchost.exe
IFEO\PSANHost.exe: [Debugger] svchost.exe
IFEO\PSUAMain.exe: [Debugger] svchost.exe
IFEO\PSUAService.exe: [Debugger] svchost.exe
IFEO\psview.exe: [Debugger] svchost.exe
IFEO\PtSessionAgent.exe: [Debugger] svchost.exe
IFEO\PtSvcHost.exe: [Debugger] svchost.exe
IFEO\PtWatchDog.exe: [Debugger] svchost.exe
IFEO\quamgr.exe: [Debugger] svchost.exe
IFEO\QUHLPSVC.EXE: [Debugger] svchost.exe
IFEO\rawshark.exe: [Debugger] svchost.exe
IFEO\SAPISSVC.EXE: [Debugger] svchost.exe
IFEO\SASCore64.exe: [Debugger] svchost.exe
IFEO\SASTask.exe: [Debugger] svchost.exe
IFEO\SBAMSvc.exe: [Debugger] svchost.exe
IFEO\SBAMTray.exe: [Debugger] svchost.exe
IFEO\SBPIMSvc.exe: [Debugger] svchost.exe
IFEO\SCANNER.EXE: [Debugger] svchost.exe
IFEO\SCANWSCS.EXE: [Debugger] svchost.exe
IFEO\schmgr.exe: [Debugger] svchost.exe
IFEO\scproxysrv.exe: [Debugger] svchost.exe
IFEO\ScSecSvc.exe: [Debugger] svchost.exe
IFEO\SDFSSvc.exe: [Debugger] svchost.exe
IFEO\SDScan.exe: [Debugger] svchost.exe
IFEO\SDTray.exe: [Debugger] svchost.exe
IFEO\SDWelcome.exe: [Debugger] svchost.exe
IFEO\SSUpdate64.exe: [Debugger] svchost.exe
IFEO\SUPERAntiSpyware.exe: [Debugger] svchost.exe
IFEO\SUPERDelete.exe: [Debugger] svchost.exe
IFEO\Taskmgr.exe: [Debugger] svchost.exe
IFEO\text2pcap.exe: [Debugger] svchost.exe
IFEO\TRAYICOS.EXE: [Debugger] svchost.exe
IFEO\TRAYSSER.EXE: [Debugger] svchost.exe
IFEO\trigger.exe: [Debugger] svchost.exe
IFEO\tshark.exe: [Debugger] svchost.exe
IFEO\twsscan.exe: [Debugger] svchost.exe
IFEO\twssrv.exe: [Debugger] svchost.exe
IFEO\uiSeAgnt.exe: [Debugger] svchost.exe
IFEO\uiUpdateTray.exe: [Debugger] svchost.exe
IFEO\uiWatchDog.exe: [Debugger] svchost.exe
IFEO\uiWinMgr.exe: [Debugger] svchost.exe
IFEO\UnThreat.exe: [Debugger] svchost.exe
IFEO\UserAccountControlSettings.exe: [Debugger] svchost.exe
IFEO\UserReg.exe: [Debugger] svchost.exe
IFEO\utsvc.exe: [Debugger] svchost.exe
IFEO\V3Main.exe: [Debugger] svchost.exe
IFEO\V3Medic.exe: [Debugger] svchost.exe
IFEO\V3Proxy.exe: [Debugger] svchost.exe
IFEO\V3SP.exe: [Debugger] svchost.exe
IFEO\V3Svc.exe: [Debugger] svchost.exe
IFEO\V3Up.exe: [Debugger] svchost.exe
IFEO\VIEWTCP.EXE: [Debugger] svchost.exe
IFEO\VIPREUI.exe: [Debugger] svchost.exe
IFEO\virusutilities.exe: [Debugger] svchost.exe
IFEO\WebCompanion.exe: [Debugger] svchost.exe
IFEO\wireshark.exe: [Debugger] svchost.exe
IFEO\Zanda.exe: [Debugger] svchost.exe
IFEO\Zlh.exe: [Debugger] svchost.exe
IFEO\zlhh.exe: [Debugger] svchost.exe
ShortcutTarget: One Calendar.lnk -> (No File)
ShortcutTarget: One Task.lnk -> (No File)
Task: {78009D8F-5624-421B-8AFA-5E2E8FA413A0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-12-10] (Google Inc -> Google LLC)
Task: {983C1DF4-D772-4280-9DB2-B6698167FE3E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-12-10] (Google Inc -> Google LLC)
C:\Users\Lenovo\PTCVWyAJvEp
C:\Users\Lenovo\fUTkALeaTxM

EmptyTemp:
Hosts:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[Ivošisko]

Omlouvám se za delší odmlku, ale mám další potíže. Instrukci jsem provedl dle pokynů, ovšem běh programu (potažmo celého NB) zamrzl a po "rozmražení" (což se povedlo až vytažením battery) přestal jít internet (Win hlásí, že je připojen, ale komunikace mezi NB a routerem není) a doteď jsem to nerozchodil. Takže nevím, zda je log úplný.

[Ivošisko]

Fix result of Farbar Recovery Scan Tool (x64) Version: 13-05-2020 01
Ran by Lenovo (19-05-2020 09:54:21) Run:2
Running from C:\Users\Lenovo\Desktop
Loaded Profiles: Lenovo
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
C:\ProgramData\478A5347
C:\Users\Lenovo\AppData\Local\Temp
AlternateDataStreams: C:\ProgramData\TEMP:9A870F8B [268]
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646776 2020-03-12] (Oracle America, Inc. -> Oracle Corporation)
HKLM\Software\Policies\Microsoft\Windows NT\SystemRestore: [DisableSR/DisableConfig] <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\Run: [Nexus] => [X]
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\MountPoints2: {286bab2a-9206-11ea-b900-1c3e84e103cc} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\MountPoints2: {286bad11-9206-11ea-b900-1c3e84e103cc} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\MountPoints2: {617a45cc-77be-11ea-b8fb-1c3e84e103cc} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\MountPoints2: {ef0c3d1e-92c1-11ea-b901-1c3e84e103cc} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\MountPoints2: {f00e25ed-4d2a-11ea-b8e0-1c3e84e103cc} - "E:\HiSuiteDownLoader.exe"
IFEO\acs.exe: [Debugger] svchost.exe
IFEO\AdAwareDesktop.exe: [Debugger] svchost.exe
IFEO\AdAwareService.exe: [Debugger] svchost.exe
IFEO\AdAwareTray.exe: [Debugger] svchost.exe
IFEO\AgentSvc.exe: [Debugger] svchost.exe
IFEO\AVK.exe: [Debugger] svchost.exe
IFEO\AVKProxy.exe: [Debugger] svchost.exe
IFEO\AVKService.exe: [Debugger] svchost.exe
IFEO\AVKTray.exe: [Debugger] svchost.exe
IFEO\AVKWCtlx64.exe: [Debugger] svchost.exe
IFEO\avpmapp.exe: [Debugger] svchost.exe
IFEO\av_task.exe: [Debugger] svchost.exe
IFEO\Bav.exe: [Debugger] svchost.exe
IFEO\bavhm.exe: [Debugger] svchost.exe
IFEO\BavSvc.exe: [Debugger] svchost.exe
IFEO\BavTray.exe: [Debugger] svchost.exe
IFEO\BavUpdater.exe: [Debugger] svchost.exe
IFEO\BavWebClient.exe: [Debugger] svchost.exe
IFEO\BDSSVC.EXE: [Debugger] svchost.exe
IFEO\BgScan.exe: [Debugger] svchost.exe
IFEO\BullGuard.exe: [Debugger] svchost.exe
IFEO\BullGuardBhvScanner.exe: [Debugger] svchost.exe
IFEO\BullGuardUpdate.exe: [Debugger] svchost.exe
IFEO\BullGuarScanner.exe: [Debugger] svchost.exe
IFEO\capinfos.exe: [Debugger] svchost.exe
IFEO\cavwp.exe: [Debugger] svchost.exe
IFEO\CertReg.exe: [Debugger] svchost.exe
IFEO\cis.exe: [Debugger] svchost.exe
IFEO\CisTray.exe: [Debugger] svchost.exe
IFEO\clamscan.exe: [Debugger] svchost.exe
IFEO\ClamTray.exe: [Debugger] svchost.exe
IFEO\ClamWin.exe: [Debugger] svchost.exe
IFEO\cmdagent.exe: [Debugger] svchost.exe
IFEO\ConfigSecurityPolicy.exe: [Debugger] svchost.exe
IFEO\CONSCTLX.EXE: [Debugger] svchost.exe
IFEO\coreFrameworkHost.exe: [Debugger] svchost.exe
IFEO\coreServiceShell.exe: [Debugger] svchost.exe
IFEO\dragon_updater.exe: [Debugger] svchost.exe
IFEO\dumpcap.exe: [Debugger] svchost.exe
IFEO\econceal.exe: [Debugger] svchost.exe
IFEO\econser.exe: [Debugger] svchost.exe
IFEO\editcap.exe: [Debugger] svchost.exe
IFEO\EMLPROXY.EXE: [Debugger] svchost.exe
IFEO\escanmon.exe: [Debugger] svchost.exe
IFEO\escanpro.exe: [Debugger] svchost.exe
IFEO\fcappdb.exe: [Debugger] svchost.exe
IFEO\FCDBlog.exe: [Debugger] svchost.exe
IFEO\FCHelper64.exe: [Debugger] svchost.exe
IFEO\FilMsg.exe: [Debugger] svchost.exe
IFEO\FilUp.exe: [Debugger] svchost.exe
IFEO\filwscc.exe: [Debugger] svchost.exe
IFEO\fmon.exe: [Debugger] svchost.exe
IFEO\FortiClient.exe: [Debugger] svchost.exe
IFEO\FortiClient_Diagnostic_Tool.exe: [Debugger] svchost.exe
IFEO\FortiESNAC.exe: [Debugger] svchost.exe
IFEO\FortiFW.exe: [Debugger] svchost.exe
IFEO\FortiProxy.exe: [Debugger] svchost.exe
IFEO\FortiSSLVPNdaemon.exe: [Debugger] svchost.exe
IFEO\FortiTray.exe: [Debugger] svchost.exe
IFEO\FPAVServer.exe: [Debugger] svchost.exe
IFEO\FProtTray.exe: [Debugger] svchost.exe
IFEO\FPWin.exe: [Debugger] svchost.exe
IFEO\freshclam.exe: [Debugger] svchost.exe
IFEO\freshclamwrap.exe: [Debugger] svchost.exe
IFEO\fsgk32.exe: [Debugger] svchost.exe
IFEO\FSHDLL64.exe: [Debugger] svchost.exe
IFEO\fshoster32.exe: [Debugger] svchost.exe
IFEO\FSM32.EXE: [Debugger] svchost.exe
IFEO\FSMA32.EXE: [Debugger] svchost.exe
IFEO\fsorsp.exe: [Debugger] svchost.exe
IFEO\fssm32.exe: [Debugger] svchost.exe
IFEO\GdBgInx64.exe: [Debugger] svchost.exe
IFEO\GDKBFltExe32.exe: [Debugger] svchost.exe
IFEO\GDSC.exe: [Debugger] svchost.exe
IFEO\GDScan.exe: [Debugger] svchost.exe
IFEO\guardxkickoff_x64.exe: [Debugger] svchost.exe
IFEO\guardxservice.exe: [Debugger] svchost.exe
IFEO\iptray.exe: [Debugger] svchost.exe
IFEO\K7AVScan.exe: [Debugger] svchost.exe
IFEO\K7CrvSvc.exe: [Debugger] svchost.exe
IFEO\K7EmlPxy.EXE: [Debugger] svchost.exe
IFEO\K7FWSrvc.exe: [Debugger] svchost.exe
IFEO\K7PSSrvc.exe: [Debugger] svchost.exe
IFEO\K7RTScan.exe: [Debugger] svchost.exe
IFEO\K7SysMon.Exe: [Debugger] svchost.exe
IFEO\K7TSecurity.exe: [Debugger] svchost.exe
IFEO\K7TSMain.exe: [Debugger] svchost.exe
IFEO\K7TSMngr.exe: [Debugger] svchost.exe
IFEO\LittleHook.exe: [Debugger] svchost.exe
IFEO\mbam.exe: [Debugger] svchost.exe
IFEO\mbamscheduler.exe: [Debugger] svchost.exe
IFEO\mbamservice.exe: [Debugger] svchost.exe
IFEO\MCS-Uninstall.exe: [Debugger] svchost.exe
IFEO\MCShieldCCC.exe: [Debugger] svchost.exe
IFEO\MCShieldDS.exe: [Debugger] svchost.exe
IFEO\MCShieldRTM.exe: [Debugger] svchost.exe
IFEO\mergecap.exe: [Debugger] svchost.exe
IFEO\MpCmdRun.exe: [Debugger] svchost.exe
IFEO\MpUXSrv.exe: [Debugger] svchost.exe
IFEO\MSASCui.exe: [Debugger] svchost.exe
IFEO\MsMpEng.exe: [Debugger] svchost.exe
IFEO\MWAGENT.EXE: [Debugger] svchost.exe
IFEO\MWASER.EXE: [Debugger] svchost.exe
IFEO\nanoav.exe: [Debugger] svchost.exe
IFEO\nanosvc.exe: [Debugger] svchost.exe
IFEO\nbrowser.exe: [Debugger] svchost.exe
IFEO\nfservice.exe: [Debugger] svchost.exe
IFEO\NisSrv.exe: [Debugger] svchost.exe
IFEO\njeeves2.exe: [Debugger] svchost.exe
IFEO\nnf.exe: [Debugger] svchost.exe
IFEO\nprosec.exe: [Debugger] svchost.exe
IFEO\NS.exe: [Debugger] svchost.exe
IFEO\nseupdatesvc.exe: [Debugger] svchost.exe
IFEO\nvcod.exe: [Debugger] svchost.exe
IFEO\nvcsvc.exe: [Debugger] svchost.exe
IFEO\nvoy.exe: [Debugger] svchost.exe
IFEO\nwscmon.exe: [Debugger] svchost.exe
IFEO\ONLINENT.EXE: [Debugger] svchost.exe
IFEO\OPSSVC.EXE: [Debugger] svchost.exe
IFEO\op_mon.exe: [Debugger] svchost.exe
IFEO\ProcessHacker.exe: [Debugger] svchost.exe
IFEO\procexp.exe: [Debugger] svchost.exe
IFEO\PSANHost.exe: [Debugger] svchost.exe
IFEO\PSUAMain.exe: [Debugger] svchost.exe
IFEO\PSUAService.exe: [Debugger] svchost.exe
IFEO\psview.exe: [Debugger] svchost.exe
IFEO\PtSessionAgent.exe: [Debugger] svchost.exe
IFEO\PtSvcHost.exe: [Debugger] svchost.exe
IFEO\PtWatchDog.exe: [Debugger] svchost.exe
IFEO\quamgr.exe: [Debugger] svchost.exe
IFEO\QUHLPSVC.EXE: [Debugger] svchost.exe
IFEO\rawshark.exe: [Debugger] svchost.exe
IFEO\SAPISSVC.EXE: [Debugger] svchost.exe
IFEO\SASCore64.exe: [Debugger] svchost.exe
IFEO\SASTask.exe: [Debugger] svchost.exe
IFEO\SBAMSvc.exe: [Debugger] svchost.exe
IFEO\SBAMTray.exe: [Debugger] svchost.exe
IFEO\SBPIMSvc.exe: [Debugger] svchost.exe
IFEO\SCANNER.EXE: [Debugger] svchost.exe
IFEO\SCANWSCS.EXE: [Debugger] svchost.exe
IFEO\schmgr.exe: [Debugger] svchost.exe
IFEO\scproxysrv.exe: [Debugger] svchost.exe
IFEO\ScSecSvc.exe: [Debugger] svchost.exe
IFEO\SDFSSvc.exe: [Debugger] svchost.exe
IFEO\SDScan.exe: [Debugger] svchost.exe
IFEO\SDTray.exe: [Debugger] svchost.exe
IFEO\SDWelcome.exe: [Debugger] svchost.exe
IFEO\SSUpdate64.exe: [Debugger] svchost.exe
IFEO\SUPERAntiSpyware.exe: [Debugger] svchost.exe
IFEO\SUPERDelete.exe: [Debugger] svchost.exe
IFEO\Taskmgr.exe: [Debugger] svchost.exe
IFEO\text2pcap.exe: [Debugger] svchost.exe
IFEO\TRAYICOS.EXE: [Debugger] svchost.exe
IFEO\TRAYSSER.EXE: [Debugger] svchost.exe
IFEO\trigger.exe: [Debugger] svchost.exe
IFEO\tshark.exe: [Debugger] svchost.exe
IFEO\twsscan.exe: [Debugger] svchost.exe
IFEO\twssrv.exe: [Debugger] svchost.exe
IFEO\uiSeAgnt.exe: [Debugger] svchost.exe
IFEO\uiUpdateTray.exe: [Debugger] svchost.exe
IFEO\uiWatchDog.exe: [Debugger] svchost.exe
IFEO\uiWinMgr.exe: [Debugger] svchost.exe
IFEO\UnThreat.exe: [Debugger] svchost.exe
IFEO\UserAccountControlSettings.exe: [Debugger] svchost.exe
IFEO\UserReg.exe: [Debugger] svchost.exe
IFEO\utsvc.exe: [Debugger] svchost.exe
IFEO\V3Main.exe: [Debugger] svchost.exe
IFEO\V3Medic.exe: [Debugger] svchost.exe
IFEO\V3Proxy.exe: [Debugger] svchost.exe
IFEO\V3SP.exe: [Debugger] svchost.exe
IFEO\V3Svc.exe: [Debugger] svchost.exe
IFEO\V3Up.exe: [Debugger] svchost.exe
IFEO\VIEWTCP.EXE: [Debugger] svchost.exe
IFEO\VIPREUI.exe: [Debugger] svchost.exe
IFEO\virusutilities.exe: [Debugger] svchost.exe
IFEO\WebCompanion.exe: [Debugger] svchost.exe
IFEO\wireshark.exe: [Debugger] svchost.exe
IFEO\Zanda.exe: [Debugger] svchost.exe
IFEO\Zlh.exe: [Debugger] svchost.exe
IFEO\zlhh.exe: [Debugger] svchost.exe
ShortcutTarget: One Calendar.lnk -> (No File)
ShortcutTarget: One Task.lnk -> (No File)
Task: {78009D8F-5624-421B-8AFA-5E2E8FA413A0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-12-10] (Google Inc -> Google LLC)
Task: {983C1DF4-D772-4280-9DB2-B6698167FE3E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-12-10] (Google Inc -> Google LLC)
C:\Users\Lenovo\PTCVWyAJvEp
C:\Users\Lenovo\fUTkALeaTxM

EmptyTemp:
Hosts:
End
*****************

Processes closed successfully.
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => not found
"C:\ProgramData\478A5347" => not found
C:\Users\Lenovo\AppData\Local\Temp => moved successfully
"C:\ProgramData\TEMP" => ":9A870F8B" ADS not found.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => not found
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => not found
HKLM\Software\Policies\Microsoft\Windows NT\SystemRestore => not found
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
"HKU\S-1-5-21-760426430-1322398698-3842268529-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Nexus" => not found
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{286bab2a-9206-11ea-b900-1c3e84e103cc} => not found
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{286bad11-9206-11ea-b900-1c3e84e103cc} => not found
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{617a45cc-77be-11ea-b8fb-1c3e84e103cc} => not found
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ef0c3d1e-92c1-11ea-b901-1c3e84e103cc} => not found
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f00e25ed-4d2a-11ea-b8e0-1c3e84e103cc} => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\acs.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\AdAwareDesktop.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\AdAwareService.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\AdAwareTray.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\AgentSvc.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\AVK.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\AVKProxy.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\AVKService.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\AVKTray.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\AVKWCtlx64.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\avpmapp.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\av_task.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\Bav.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bavhm.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\BavSvc.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\BavTray.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\BavUpdater.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\BavWebClient.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\BDSSVC.EXE => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\BgScan.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\BullGuard.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\BullGuardBhvScanner.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\BullGuardUpdate.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\BullGuarScanner.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\capinfos.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\cavwp.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\CertReg.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\cis.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\CisTray.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\clamscan.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\ClamTray.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\ClamWin.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\cmdagent.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\ConfigSecurityPolicy.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\CONSCTLX.EXE => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\coreFrameworkHost.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\coreServiceShell.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\dragon_updater.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\dumpcap.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\econceal.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\econser.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\editcap.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\EMLPROXY.EXE => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\escanmon.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\escanpro.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\fcappdb.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\FCDBlog.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\FCHelper64.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\FilMsg.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\FilUp.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\filwscc.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\fmon.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\FortiClient.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\FortiClient_Diagnostic_Tool.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\FortiESNAC.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\FortiFW.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\FortiProxy.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\FortiSSLVPNdaemon.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\FortiTray.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\FPAVServer.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\FProtTray.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\FPWin.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\freshclam.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\freshclamwrap.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\fsgk32.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\FSHDLL64.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\fshoster32.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\FSM32.EXE => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\FSMA32.EXE => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\fsorsp.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\fssm32.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\GdBgInx64.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\GDKBFltExe32.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\GDSC.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\GDScan.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\guardxkickoff_x64.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\guardxservice.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\iptray.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\K7AVScan.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\K7CrvSvc.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\K7EmlPxy.EXE => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\K7FWSrvc.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\K7PSSrvc.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\K7RTScan.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\K7SysMon.Exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\K7TSecurity.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\K7TSMain.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\K7TSMngr.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\LittleHook.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\mbam.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\mbamscheduler.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\mbamservice.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\MCS-Uninstall.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\MCShieldCCC.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\MCShieldDS.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\MCShieldRTM.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\mergecap.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\MpCmdRun.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\MpUXSrv.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\MSASCui.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\MsMpEng.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\MWAGENT.EXE => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\MWASER.EXE => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\nanoav.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\nanosvc.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\nbrowser.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\nfservice.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\NisSrv.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\njeeves2.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\nnf.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\nprosec.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\NS.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\nseupdatesvc.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\nvcod.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\nvcsvc.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\nvoy.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\nwscmon.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\ONLINENT.EXE => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\OPSSVC.EXE => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\op_mon.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\ProcessHacker.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\procexp.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\PSANHost.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\PSUAMain.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\PSUAService.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\psview.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\PtSessionAgent.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\PtSvcHost.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\PtWatchDog.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\quamgr.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\QUHLPSVC.EXE => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\rawshark.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\SAPISSVC.EXE => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\SASCore64.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\SASTask.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\SBAMSvc.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\SBAMTray.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\SBPIMSvc.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\SCANNER.EXE => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\SCANWSCS.EXE => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\schmgr.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\scproxysrv.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\ScSecSvc.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\SDFSSvc.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\SDScan.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\SDTray.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\SDWelcome.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\SSUpdate64.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\SUPERAntiSpyware.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\SUPERDelete.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\Taskmgr.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\text2pcap.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\TRAYICOS.EXE => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\TRAYSSER.EXE => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\trigger.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\tshark.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\twsscan.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\twssrv.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\uiSeAgnt.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\uiUpdateTray.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\uiWatchDog.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\uiWinMgr.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\UnThreat.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\UserAccountControlSettings.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\UserReg.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\utsvc.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\V3Main.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\V3Medic.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\V3Proxy.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\V3SP.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\V3Svc.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\V3Up.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\VIEWTCP.EXE => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\VIPREUI.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\virusutilities.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\WebCompanion.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\wireshark.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\Zanda.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\Zlh.exe => not found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\zlhh.exe => not found
"ShortcutTarget: One Calendar.lnk -> (No File)" => not found
"ShortcutTarget: One Task.lnk -> (No File)" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{78009D8F-5624-421B-8AFA-5E2E8FA413A0}" => not found
"C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{983C1DF4-D772-4280-9DB2-B6698167FE3E}" => not found
"C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => not found
"C:\Users\Lenovo\PTCVWyAJvEp" => not found
"C:\Users\Lenovo\fUTkALeaTxM" => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 9461760 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 13675792 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 61507 B
Edge => 0 B
Chrome => 12434214 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 4790 B
NetworkService => 4913 B

[Rudy]

OK. Nastala nějaká změna?

[Ivošisko]

Jo, to nejdůležitější jsem při těch improvizacích zapomněl napsat - už nedochází k restartům, takže jeden problém je vyřešen.

Teď bych potřeboval pomoct s tím internetem - 2 důležité momenty:
1. nastalo to při tom "fixování", kdy noťas zatuhnul
2. vedle mám půjčený notebook (na stejné síti) a ten mi jede. Stejně tak mobil, takže je to v léčeném notebooku

[Rudy]

Koukněte do adresáře c:\windows\minidump a pokud tam najdete nějaké soubory, zabalta je do raru a přiložte k vašemu příštímu postu.

[Ivošisko]

Vypnul jsem proxy server a už mi internet jede - udělal jsem dobře nebo nee?

c:\windows\minidump je prázdný

[Ivošisko]

Drobný příspěvek na provoz fóra už k Vám nabral kurz